Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS.
Constructing a predictive model for an intelligent network intrusion detectionAlebachew Chiche
This document presents a study that constructs a predictive model for network intrusion detection using data mining techniques. The study uses the KDD Cup 99 intrusion detection dataset to build classification models using J48 decision tree, JRip rule induction, Naive Bayes, and multilayer perceptron algorithms. The J48 decision tree algorithm achieved the highest accuracy of 99.91% and was selected to build the predictive model. This model was then integrated with a knowledge-based system to build an intelligent network intrusion detection system capable of automatically detecting network attacks, mapping detections to attack categories, and updating the training data over time. Experimental evaluation found the integrated system achieved 91.43% accuracy and 83% user acceptance in detecting network intrusions
IRJET- Review on Network Intrusion Detection using Recurrent Neural Network A...IRJET Journal
This document presents a review of using recurrent neural networks for network intrusion detection. It begins with an introduction to intrusion detection systems and the types of attacks they aim to detect. It then discusses previous research on machine learning approaches for intrusion detection, including the use of autoencoders, support vector machines, and other classifiers. The proposed approach uses a recurrent neural network for feature selection and classification of network data. The framework involves data collection, preprocessing including feature selection, training the recurrent neural network classifier, and then using the trained model to detect attacks in new data. Experimental results on benchmark intrusion detection datasets are presented and compared to other machine learning methods.
The main goal of Intrusion Detection Systems (IDSs) is
to detect intrusions. This kind of detection system represents a
significant tool in traditional computer based systems for ensuring
cyber security. IDS model can be faster and reach more accurate
detection rates, by selecting the most related features from the
input dataset. Feature selection is an important stage of any IDs to
select the optimal subset of features that enhance the process of the
training model to become faster and reduce the complexity while
preserving or enhancing the performance of the system. In this
paper, we proposed a method that based on dividing the input
dataset into different subsets according to each attack. Then we
performed a feature selection technique using information gain
filter for each subset. Then the optimal features set is generated by
combining the list of features sets that obtained for each attack.
Experimental results that conducted on NSL-KDD dataset shows
that the proposed method for feature selection with fewer features,
make an improvement to the system accuracy while decreasing the
complexity. Moreover, a comparative study is performed to the
efficiency of technique for feature selection using different
classification methods. To enhance the overall performance,
another stage is conducted using Random Forest and PART on
voting learning algorithm. The results indicate that the best
accuracy is achieved when using the product probability rule.
ATTACK DETECTION AVAILING FEATURE DISCRETION USING RANDOM FOREST CLASSIFIERCSEIJJournal
This document discusses using a random forest classifier with feature selection to improve intrusion detection. It begins with background on intrusion detection systems and challenges. It then proposes using genetic algorithms for feature selection to identify the most important features from a dataset. A random forest classifier is used for classification, which combines decision trees to improve accuracy. The methodology involves feature selection, classification with random forest, and detection. Feature weights are calculated and cross-validation is used to analyze detection rates for individual attacks. The goal is to improve accuracy, reduce training time, and better detect minority attacks through this approach.
Attack Detection Availing Feature Discretion using Random Forest ClassifierCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion.
LSTM deep learning method for network intrusion detection system IJECEIAES
The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory on them, in order to stop the new attacks that are like the existing ones, and at the same time, to have a single mean to block intrusions. According to the results of the experiments of detections that we have realized, the Accuracy reaches up to 99.98 % and 99.93 % for respectively the classification of two classes and several classes, also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is effective, it has a great ability to memorize and differentiate between normal traffic and attacks, and its identification is more accurate than other Machine Learning classifiers.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
This document summarizes research on using various data mining classification techniques to handle false alerts in intrusion detection systems. The researchers tested many data mining procedures on the KDD Cup 99 dataset, including multilayer perceptron neural networks, rule-based models, support vector machines, naive Bayes, and association rule mining. The best accuracy was 92% for multilayer perceptrons, but rule-based models had the fastest training time at 4 seconds. The researchers concluded that different techniques should be used together to handle different types of network attacks.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
Constructing a predictive model for an intelligent network intrusion detectionAlebachew Chiche
This document presents a study that constructs a predictive model for network intrusion detection using data mining techniques. The study uses the KDD Cup 99 intrusion detection dataset to build classification models using J48 decision tree, JRip rule induction, Naive Bayes, and multilayer perceptron algorithms. The J48 decision tree algorithm achieved the highest accuracy of 99.91% and was selected to build the predictive model. This model was then integrated with a knowledge-based system to build an intelligent network intrusion detection system capable of automatically detecting network attacks, mapping detections to attack categories, and updating the training data over time. Experimental evaluation found the integrated system achieved 91.43% accuracy and 83% user acceptance in detecting network intrusions
IRJET- Review on Network Intrusion Detection using Recurrent Neural Network A...IRJET Journal
This document presents a review of using recurrent neural networks for network intrusion detection. It begins with an introduction to intrusion detection systems and the types of attacks they aim to detect. It then discusses previous research on machine learning approaches for intrusion detection, including the use of autoencoders, support vector machines, and other classifiers. The proposed approach uses a recurrent neural network for feature selection and classification of network data. The framework involves data collection, preprocessing including feature selection, training the recurrent neural network classifier, and then using the trained model to detect attacks in new data. Experimental results on benchmark intrusion detection datasets are presented and compared to other machine learning methods.
The main goal of Intrusion Detection Systems (IDSs) is
to detect intrusions. This kind of detection system represents a
significant tool in traditional computer based systems for ensuring
cyber security. IDS model can be faster and reach more accurate
detection rates, by selecting the most related features from the
input dataset. Feature selection is an important stage of any IDs to
select the optimal subset of features that enhance the process of the
training model to become faster and reduce the complexity while
preserving or enhancing the performance of the system. In this
paper, we proposed a method that based on dividing the input
dataset into different subsets according to each attack. Then we
performed a feature selection technique using information gain
filter for each subset. Then the optimal features set is generated by
combining the list of features sets that obtained for each attack.
Experimental results that conducted on NSL-KDD dataset shows
that the proposed method for feature selection with fewer features,
make an improvement to the system accuracy while decreasing the
complexity. Moreover, a comparative study is performed to the
efficiency of technique for feature selection using different
classification methods. To enhance the overall performance,
another stage is conducted using Random Forest and PART on
voting learning algorithm. The results indicate that the best
accuracy is achieved when using the product probability rule.
ATTACK DETECTION AVAILING FEATURE DISCRETION USING RANDOM FOREST CLASSIFIERCSEIJJournal
This document discusses using a random forest classifier with feature selection to improve intrusion detection. It begins with background on intrusion detection systems and challenges. It then proposes using genetic algorithms for feature selection to identify the most important features from a dataset. A random forest classifier is used for classification, which combines decision trees to improve accuracy. The methodology involves feature selection, classification with random forest, and detection. Feature weights are calculated and cross-validation is used to analyze detection rates for individual attacks. The goal is to improve accuracy, reduce training time, and better detect minority attacks through this approach.
Attack Detection Availing Feature Discretion using Random Forest ClassifierCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion.
LSTM deep learning method for network intrusion detection system IJECEIAES
The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory on them, in order to stop the new attacks that are like the existing ones, and at the same time, to have a single mean to block intrusions. According to the results of the experiments of detections that we have realized, the Accuracy reaches up to 99.98 % and 99.93 % for respectively the classification of two classes and several classes, also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is effective, it has a great ability to memorize and differentiate between normal traffic and attacks, and its identification is more accurate than other Machine Learning classifiers.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
This document summarizes research on using various data mining classification techniques to handle false alerts in intrusion detection systems. The researchers tested many data mining procedures on the KDD Cup 99 dataset, including multilayer perceptron neural networks, rule-based models, support vector machines, naive Bayes, and association rule mining. The best accuracy was 92% for multilayer perceptrons, but rule-based models had the fastest training time at 4 seconds. The researchers concluded that different techniques should be used together to handle different types of network attacks.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document presents a proposed hybrid intrusion detection system that combines k-means clustering, k-nearest neighbor classification, and decision table majority rule-based approaches. The system is evaluated on the KDD-99 dataset to detect intrusions and classify them into four categories: R2L, DoS, Probe, and U2R. The goal is to decrease the false alarm rate and increase accuracy and detection rate compared to existing intrusion detection systems. The proposed system applies k-means clustering first, then k-nearest neighbor classification, and finally decision table majority rules. Results show the proposed hybrid approach improves performance metrics compared to existing techniques.
Outstanding to the promotion of the Internet and local networks, interruption occasions to computer
systems are emerging. Intrusion detection systems are becoming progressively vital in retaining
appropriate network safety. IDS is a software or hardware device that deals with attacks by gathering
information from a numerous system and network sources, then evaluating signs of security complexities.
Enterprise networked systems are unsurprisingly unprotected to the growing threats posed by hackers as
well as malicious users inside to a network. IDS technology is one of the significant tools used now-a-days,
to counter such threat. In this research we have proposed framework by using advance feature selection
and dimensionality reduction technique we can reduce IDS data then applying Fuzzy ARTMAP classifier
we can find intrusions so that we get accurate results within less time. Feature selection, as an active
research area in decreasing dimensionality, eliminating unrelated data, developing learning correctness,
and improving result unambiguousness.
A Comparative Study of Deep Learning Approaches for Network Intrusion Detecti...IRJET Journal
This document presents a comparative study of deep learning approaches for network intrusion detection. It employs deep neural networks to predict attacks on network intrusion detection systems using the KDD Cup-99 dataset. A DNN with 3 layers demonstrated superior performance compared to other machine learning algorithms and DNNs with varying layers. The study finds that deep learning techniques can function at a superhuman level when combined with intrusion detection systems due to their ability to adapt to new data and detect novel attacks.
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
Survey of Clustering Based Detection using IDS Technique IRJET Journal
This document discusses intrusion detection systems (IDS) and different techniques used for IDS, including clustering-based detection. It first provides background on IDS, describing their purpose of detecting intruders and protecting systems. It then outlines various IDS types, including mobile agent-based, cluster-based, cryptography-based, and others. The document also summarizes related work from other papers applying data mining techniques like clustering to improve IDS detection rates and reduce false alarms. Finally, it discusses problems with current and traditional IDS, such as threshold detection leading to false positives, and false negatives where attacks are missed.
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...IJNSA Journal
Over the past few years, intrusion protection systems have drawn a mature research area in the field of computer networks. The problem of excessive features has a significant impact on
intrusion detection performance. The use of machine learning algorithms in many previous researches has been used to identify network traffic, harmful or normal. Therefore, to obtain the accuracy, we must reduce the dimensionality of the data used. A new model design based on a combination of feature selection and machine learning algorithms is proposed in this paper. This model depends on selected genes from every feature to increase the accuracy of intrusion detection systems. We selected from features content only ones which impact in attack detection. The performance has been evaluated based on a comparison of several known algorithms. The NSL-KDD dataset is used for examining classification. The proposed model outperformed the other learning approaches with accuracy 98.8 %.
Data Mining Techniques for Providing Network Security through Intrusion Detec...IJAAS Team
Intrusion Detection Systems are playing major role in network security in this internet world. Many researchers have been introduced number of intrusion detection systems in the past. Even though, no system was detected all kind of attacks and achieved better detection accuracy. Most of the intrusion detection systems are used data mining techniques such as clustering, outlier detection, classification, classification through learning techniques. Most of the researchers have been applied soft computing techniques for making effective decision over the network dataset for enhancing the detection accuracy in Intrusion Detection System. Few researchers also applied artificial intelligence techniques along with data mining algorithms for making dynamic decision. This paper discusses about the number of intrusion detection systems that are proposed for providing network security. Finally, comparative analysis made between the existing systems and suggested some new ideas for enhancing the performance of the existing systems.
Deep learning algorithms for intrusion detection systems in internet of thin...IJECEIAES
Due to technological advancements in recent years, the availability and usage of smart electronic gadgets have drastically increased. Adoption of these smart devices for a variety of applications in our day-to-day life has become a new normal. As these devices collect and store data, which is of prime importance, securing is a mandatory requirement by being vigilant against intruders. Many traditional techniques are prevailing for the same, but they may not be a good solution for the devices with resource constraints. The impact of artificial intelligence is not negligible in this concern. This study is an attempt to understand and analyze the performance of deep learning algorithms in intrusion detection. A comparative analysis of the performance of deep neural network, convolutional neural network, and long short-term memory using the CIC-IDS 2017 dataset.
An intrusion detection system for packet and flow based networks using deep n...IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
COPYRIGHTThis thesis is copyright materials protected under the .docxvoversbyobersby
COPYRIGHT
This thesis is copyright materials protected under the Berne Convection, the copyright Act 1999 and other international and national enactments in that behalf, on intellectual property. It may not be reproduced by any means in full or in part except for short extracts in fair dealing so for research or private study, critical scholarly review or discourse with acknowledgment, with written permission of the Dean School of Graduate Studies on behalf of both the author and XXX XXX University.ABSTRACT
With Fast growing internet world the risk of intrusion has also increased, as a result Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion.Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks(ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers. The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations.
However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent
weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS
attack in IoT networks by classifying incoming network packets on the transport layer as either
“Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep
learning algorithms and two clustering algorithms were independently trained for mitigating DDoS
attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and
UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during
the experimentation phase. The accuracy score and normalized-mutual-information score are used to
quantify the classification performance of the four algorithms. Our results show that the autoencoder
performed overall best with the highest accuracy across all the datasets.
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations. However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS attack in IoT networks by classifying incoming network packets on the transport layer as either “Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep learning algorithms and two clustering algorithms were independently trained for mitigating DDoS attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during the experimentation phase. The accuracy score and normalized-mutual-information score are used to quantify the classification performance of the four algorithms. Our results show that the autoencoder performed overall best with the highest accuracy across all the datasets.
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
The document proposes a signature-based intrusion detection system using multithreading. It captures network packets and analyzes them for intrusions by comparing signatures to databases of known attacks. A multithreaded design is suggested to improve performance by processing packets in parallel threads. Agents would be deployed on the network with detection modules that use caching of frequent signatures to speed up analysis. An update module would transfer new frequent signatures to the caches.
Network Intrusion Detection System using Machine LearningIRJET Journal
This document discusses using machine learning algorithms to develop a network intrusion detection system (IDS). It analyzes different machine learning algorithms like support vector machines (SVM) and naive bayes and evaluates their performance on detecting intrusions using the NSL-KDD dataset. The paper reviews related work applying machine learning to IDS and discusses algorithms like SVM and naive bayes in more detail. It proposes developing a hybrid multi-level model to improve accuracy and handling large volumes of data. The system architecture and conclusions are also summarized.
An Efficient Intrusion Detection System with Custom Features using FPA-Gradie...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
AN EFFICIENT INTRUSION DETECTION SYSTEM WITH CUSTOM FEATURES USING FPA-GRADIE...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
RTL-DL: A HYBRID DEEP LEARNING FRAMEWORK FOR DDOS ATTACK DETECTION IN A BIG D...IJCNCJournal
The document presents a new framework called RTL-DL for detecting DDoS attacks using a hybrid deep learning approach. It aims to address issues with existing datasets like class imbalance and irrelevant features. The proposed model uses random oversampling and TomekLinks under-sampling (RTL) to handle class imbalance in the CICIDS2017 dataset. It also uses an information gain feature selection technique to select important features. The model achieves high performance metrics in detecting DDoS attacks compared to other approaches. It is more computationally efficient due to reduced processing time from using the RTL algorithm. The framework makes an important contribution to addressing DDoS detection challenges in big data environments.
RTL-DL: A Hybrid Deep Learning Framework for DDoS Attack Detection in a Big D...IJCNCJournal
A distributed denial of service (DDoS) attack is one of the most common cyber threats to the Internet of Things (IoT). Several deep learning (DL) techniques have been utilized in intrusion detection systems to prevent DDoS attacks. However, their performance is greatly affected by a large class mbalance nature of the training datasets as well as the presence of redundant and irrelevant features in them. This study proposes RTL-DL, a new framework for an effective intrusion detection model based on the random oversampling technique and the Tomek-Links sampling technique (RTL), to minimize the effects of data imbalance in the CICIDS2017 dataset used to evaluate the proposed model. This study achieved 98.3% accuracy, 98.8% precision, 98.3% recall, 97.8% f-score, and 4.6% hamming loss. In comparison to current approaches, the uggested model has demonstrated romising results in identifying network threats in imbalanced data sets.
The Practical Data Mining Model for Efficient IDS through Relational DatabasesIJRES Journal
Enterprise network information system is not only the platform for information sharing and information exchanging, but also the platform for enterprise production automation system and enterprise management system working together. As a result, the security defense of enterprise network information system does not only include information system network security and data security, but also include the security of network business running on information system network, which is the confidentiality, integrity, continuity and real-time of network business. Network security technology has become crucial in protecting government and industry computing infrastructure. Modern intrusion detection applications face complex requirements – they need to be reliable, extensible, easy to manage, and have low maintenance cost. In recent years, data mining-based intrusion detection systems (IDSs) have demonstrated high accuracy, good generalization to novel types of intrusion, and robust behavior in a changing environment. Still, significant challenges exist in the design and implementation of production quality IDSs. Incrementing components such as data transformations, model deployment, and cooperative distributed detection remain a labor intensive and complex engineering endeavor. This paper describes DAID, a database-centric architecture that leverages data mining within the Relational RDBMS to address these challenges. DAID also offers numerous advantages in terms of scheduling capabilities, alert infrastructure, data analysis tools, security, scalability, and reliability. DAID is illustrated with an Intrusion Detection Center application prototype that leverages existing functionality in Relational Database 10g. Intrusion detection system work at many levels in the network fabric and are taking the concept of security to a whole new sphere by incorporating intelligence as a tool to protect networks against un-authorized intrusions and newer forms of attack. We have described formal model for the construction of network security situation measurement based on d-s evidence theory, frequent mode, and sequence model extracted from the data on network security situation based on the knowledge found method and convert the pattern on the related rules of the network security situation, and automatic generation of network security situation.
Call for Papers -International Journal of Computer Networks & Communications ...IJCNCJournal
International Journal of Computer Networks & Communications (IJCNC)
Citations, h-index, i10-index of IJCNC
---- Scopus, ERA Listed, WJCI Indexed ----
Scopus Cite Score 2022--1.8
https://airccse.org/journal/ijcnc.html
IJCNC is listed in ERA 2023 as per the Australian Research Council (ARC) Journal Ranking
Scope & Topics
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
Authors are solicited to contribute to this journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the Computer Networks & Communications.
Topics of Interest
· Network Protocols & Wireless Networks
· Network Architectures
· High speed networks
· Routing, switching and addressing techniques
· Next Generation Internet
· Next Generation Web Architectures
· Network Operations & management
· Adhoc and sensor networks
· Internet and Web applications
· Ubiquitous networks
· Mobile networks & Wireless LAN
· Wireless Multimedia systems
· Wireless communications
· Heterogeneous wireless networks
· Measurement & Performance Analysis
· Peer to peer and overlay networks
· QoS and Resource Management
· Network Based applications
· Network Security
· Self-Organizing Networks and Networked Systems
· Optical Networking
· Mobile & Broadband Wireless Internet
· Recent trends & Developments in Computer Networks
Paper Submission
Authors are invited to submit papers for this journal through E-mail: ijcnc@airccse.org or through Submission System. Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this Journal.
Important Dates
· Submission Deadline : June 22, 2024
· Notification : July 22, 2024
· Final Manuscript Due : July 29, 2024
· Publication Date : Determined by the Editor-in-Chief
Contact Us
Here's where you can reach us: ijcnc@airccse.org or ijcnc@aircconline.com
For other details please visit - http://airccse.org/journal/ijcnc.html
Rendezvous Sequence Generation Algorithm for Cognitive Radio Networks in Post...IJCNCJournal
Recent natural disasters have inflicted tremendous damage on humanity, with their scale progressively increasing and leading to numerous casualties. Events such as earthquakes can trigger secondary disasters, such as tsunamis, further complicating the situation by destroying communication infrastructures. This destruction impedes the dissemination of information about secondary disasters and complicates post-disaster rescue efforts. Consequently, there is an urgent demand for technologies capable of substituting for these destroyed communication infrastructures. This paper proposes a technique for generating rendezvous sequences to swiftly reconnect communication infrastructures in post-disaster scenarios. We compare the time required for rendezvous using the proposed technique against existing methods and analyze the average time taken to establish links with the rendezvous technique, discussing its significance. This research presents a novel approach enabling rapid recovery of destroyed communication infrastructures in disaster environments through Cognitive Radio Network (CRN) technology, showcasing the potential to significantly improve disaster response and recovery efforts. The proposed method reduces the time for the rendezvous compared to existing methods, suggesting that it can enhance the efficiency of rescue operations in post-disaster scenarios and contribute to life-saving efforts.
Más contenido relacionado
Similar a Feature Selection using the Concept of Peafowl Mating in IDS
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document presents a proposed hybrid intrusion detection system that combines k-means clustering, k-nearest neighbor classification, and decision table majority rule-based approaches. The system is evaluated on the KDD-99 dataset to detect intrusions and classify them into four categories: R2L, DoS, Probe, and U2R. The goal is to decrease the false alarm rate and increase accuracy and detection rate compared to existing intrusion detection systems. The proposed system applies k-means clustering first, then k-nearest neighbor classification, and finally decision table majority rules. Results show the proposed hybrid approach improves performance metrics compared to existing techniques.
Outstanding to the promotion of the Internet and local networks, interruption occasions to computer
systems are emerging. Intrusion detection systems are becoming progressively vital in retaining
appropriate network safety. IDS is a software or hardware device that deals with attacks by gathering
information from a numerous system and network sources, then evaluating signs of security complexities.
Enterprise networked systems are unsurprisingly unprotected to the growing threats posed by hackers as
well as malicious users inside to a network. IDS technology is one of the significant tools used now-a-days,
to counter such threat. In this research we have proposed framework by using advance feature selection
and dimensionality reduction technique we can reduce IDS data then applying Fuzzy ARTMAP classifier
we can find intrusions so that we get accurate results within less time. Feature selection, as an active
research area in decreasing dimensionality, eliminating unrelated data, developing learning correctness,
and improving result unambiguousness.
A Comparative Study of Deep Learning Approaches for Network Intrusion Detecti...IRJET Journal
This document presents a comparative study of deep learning approaches for network intrusion detection. It employs deep neural networks to predict attacks on network intrusion detection systems using the KDD Cup-99 dataset. A DNN with 3 layers demonstrated superior performance compared to other machine learning algorithms and DNNs with varying layers. The study finds that deep learning techniques can function at a superhuman level when combined with intrusion detection systems due to their ability to adapt to new data and detect novel attacks.
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
Survey of Clustering Based Detection using IDS Technique IRJET Journal
This document discusses intrusion detection systems (IDS) and different techniques used for IDS, including clustering-based detection. It first provides background on IDS, describing their purpose of detecting intruders and protecting systems. It then outlines various IDS types, including mobile agent-based, cluster-based, cryptography-based, and others. The document also summarizes related work from other papers applying data mining techniques like clustering to improve IDS detection rates and reduce false alarms. Finally, it discusses problems with current and traditional IDS, such as threshold detection leading to false positives, and false negatives where attacks are missed.
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...IJNSA Journal
Over the past few years, intrusion protection systems have drawn a mature research area in the field of computer networks. The problem of excessive features has a significant impact on
intrusion detection performance. The use of machine learning algorithms in many previous researches has been used to identify network traffic, harmful or normal. Therefore, to obtain the accuracy, we must reduce the dimensionality of the data used. A new model design based on a combination of feature selection and machine learning algorithms is proposed in this paper. This model depends on selected genes from every feature to increase the accuracy of intrusion detection systems. We selected from features content only ones which impact in attack detection. The performance has been evaluated based on a comparison of several known algorithms. The NSL-KDD dataset is used for examining classification. The proposed model outperformed the other learning approaches with accuracy 98.8 %.
Data Mining Techniques for Providing Network Security through Intrusion Detec...IJAAS Team
Intrusion Detection Systems are playing major role in network security in this internet world. Many researchers have been introduced number of intrusion detection systems in the past. Even though, no system was detected all kind of attacks and achieved better detection accuracy. Most of the intrusion detection systems are used data mining techniques such as clustering, outlier detection, classification, classification through learning techniques. Most of the researchers have been applied soft computing techniques for making effective decision over the network dataset for enhancing the detection accuracy in Intrusion Detection System. Few researchers also applied artificial intelligence techniques along with data mining algorithms for making dynamic decision. This paper discusses about the number of intrusion detection systems that are proposed for providing network security. Finally, comparative analysis made between the existing systems and suggested some new ideas for enhancing the performance of the existing systems.
Deep learning algorithms for intrusion detection systems in internet of thin...IJECEIAES
Due to technological advancements in recent years, the availability and usage of smart electronic gadgets have drastically increased. Adoption of these smart devices for a variety of applications in our day-to-day life has become a new normal. As these devices collect and store data, which is of prime importance, securing is a mandatory requirement by being vigilant against intruders. Many traditional techniques are prevailing for the same, but they may not be a good solution for the devices with resource constraints. The impact of artificial intelligence is not negligible in this concern. This study is an attempt to understand and analyze the performance of deep learning algorithms in intrusion detection. A comparative analysis of the performance of deep neural network, convolutional neural network, and long short-term memory using the CIC-IDS 2017 dataset.
An intrusion detection system for packet and flow based networks using deep n...IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
COPYRIGHTThis thesis is copyright materials protected under the .docxvoversbyobersby
COPYRIGHT
This thesis is copyright materials protected under the Berne Convection, the copyright Act 1999 and other international and national enactments in that behalf, on intellectual property. It may not be reproduced by any means in full or in part except for short extracts in fair dealing so for research or private study, critical scholarly review or discourse with acknowledgment, with written permission of the Dean School of Graduate Studies on behalf of both the author and XXX XXX University.ABSTRACT
With Fast growing internet world the risk of intrusion has also increased, as a result Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion.Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks(ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers. The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations.
However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent
weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS
attack in IoT networks by classifying incoming network packets on the transport layer as either
“Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep
learning algorithms and two clustering algorithms were independently trained for mitigating DDoS
attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and
UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during
the experimentation phase. The accuracy score and normalized-mutual-information score are used to
quantify the classification performance of the four algorithms. Our results show that the autoencoder
performed overall best with the highest accuracy across all the datasets.
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations. However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS attack in IoT networks by classifying incoming network packets on the transport layer as either “Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep learning algorithms and two clustering algorithms were independently trained for mitigating DDoS attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during the experimentation phase. The accuracy score and normalized-mutual-information score are used to quantify the classification performance of the four algorithms. Our results show that the autoencoder performed overall best with the highest accuracy across all the datasets.
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
The document proposes a signature-based intrusion detection system using multithreading. It captures network packets and analyzes them for intrusions by comparing signatures to databases of known attacks. A multithreaded design is suggested to improve performance by processing packets in parallel threads. Agents would be deployed on the network with detection modules that use caching of frequent signatures to speed up analysis. An update module would transfer new frequent signatures to the caches.
Network Intrusion Detection System using Machine LearningIRJET Journal
This document discusses using machine learning algorithms to develop a network intrusion detection system (IDS). It analyzes different machine learning algorithms like support vector machines (SVM) and naive bayes and evaluates their performance on detecting intrusions using the NSL-KDD dataset. The paper reviews related work applying machine learning to IDS and discusses algorithms like SVM and naive bayes in more detail. It proposes developing a hybrid multi-level model to improve accuracy and handling large volumes of data. The system architecture and conclusions are also summarized.
An Efficient Intrusion Detection System with Custom Features using FPA-Gradie...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
AN EFFICIENT INTRUSION DETECTION SYSTEM WITH CUSTOM FEATURES USING FPA-GRADIE...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
RTL-DL: A HYBRID DEEP LEARNING FRAMEWORK FOR DDOS ATTACK DETECTION IN A BIG D...IJCNCJournal
The document presents a new framework called RTL-DL for detecting DDoS attacks using a hybrid deep learning approach. It aims to address issues with existing datasets like class imbalance and irrelevant features. The proposed model uses random oversampling and TomekLinks under-sampling (RTL) to handle class imbalance in the CICIDS2017 dataset. It also uses an information gain feature selection technique to select important features. The model achieves high performance metrics in detecting DDoS attacks compared to other approaches. It is more computationally efficient due to reduced processing time from using the RTL algorithm. The framework makes an important contribution to addressing DDoS detection challenges in big data environments.
RTL-DL: A Hybrid Deep Learning Framework for DDoS Attack Detection in a Big D...IJCNCJournal
A distributed denial of service (DDoS) attack is one of the most common cyber threats to the Internet of Things (IoT). Several deep learning (DL) techniques have been utilized in intrusion detection systems to prevent DDoS attacks. However, their performance is greatly affected by a large class mbalance nature of the training datasets as well as the presence of redundant and irrelevant features in them. This study proposes RTL-DL, a new framework for an effective intrusion detection model based on the random oversampling technique and the Tomek-Links sampling technique (RTL), to minimize the effects of data imbalance in the CICIDS2017 dataset used to evaluate the proposed model. This study achieved 98.3% accuracy, 98.8% precision, 98.3% recall, 97.8% f-score, and 4.6% hamming loss. In comparison to current approaches, the uggested model has demonstrated romising results in identifying network threats in imbalanced data sets.
The Practical Data Mining Model for Efficient IDS through Relational DatabasesIJRES Journal
Enterprise network information system is not only the platform for information sharing and information exchanging, but also the platform for enterprise production automation system and enterprise management system working together. As a result, the security defense of enterprise network information system does not only include information system network security and data security, but also include the security of network business running on information system network, which is the confidentiality, integrity, continuity and real-time of network business. Network security technology has become crucial in protecting government and industry computing infrastructure. Modern intrusion detection applications face complex requirements – they need to be reliable, extensible, easy to manage, and have low maintenance cost. In recent years, data mining-based intrusion detection systems (IDSs) have demonstrated high accuracy, good generalization to novel types of intrusion, and robust behavior in a changing environment. Still, significant challenges exist in the design and implementation of production quality IDSs. Incrementing components such as data transformations, model deployment, and cooperative distributed detection remain a labor intensive and complex engineering endeavor. This paper describes DAID, a database-centric architecture that leverages data mining within the Relational RDBMS to address these challenges. DAID also offers numerous advantages in terms of scheduling capabilities, alert infrastructure, data analysis tools, security, scalability, and reliability. DAID is illustrated with an Intrusion Detection Center application prototype that leverages existing functionality in Relational Database 10g. Intrusion detection system work at many levels in the network fabric and are taking the concept of security to a whole new sphere by incorporating intelligence as a tool to protect networks against un-authorized intrusions and newer forms of attack. We have described formal model for the construction of network security situation measurement based on d-s evidence theory, frequent mode, and sequence model extracted from the data on network security situation based on the knowledge found method and convert the pattern on the related rules of the network security situation, and automatic generation of network security situation.
Similar a Feature Selection using the Concept of Peafowl Mating in IDS (20)
Call for Papers -International Journal of Computer Networks & Communications ...IJCNCJournal
International Journal of Computer Networks & Communications (IJCNC)
Citations, h-index, i10-index of IJCNC
---- Scopus, ERA Listed, WJCI Indexed ----
Scopus Cite Score 2022--1.8
https://airccse.org/journal/ijcnc.html
IJCNC is listed in ERA 2023 as per the Australian Research Council (ARC) Journal Ranking
Scope & Topics
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
Authors are solicited to contribute to this journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the Computer Networks & Communications.
Topics of Interest
· Network Protocols & Wireless Networks
· Network Architectures
· High speed networks
· Routing, switching and addressing techniques
· Next Generation Internet
· Next Generation Web Architectures
· Network Operations & management
· Adhoc and sensor networks
· Internet and Web applications
· Ubiquitous networks
· Mobile networks & Wireless LAN
· Wireless Multimedia systems
· Wireless communications
· Heterogeneous wireless networks
· Measurement & Performance Analysis
· Peer to peer and overlay networks
· QoS and Resource Management
· Network Based applications
· Network Security
· Self-Organizing Networks and Networked Systems
· Optical Networking
· Mobile & Broadband Wireless Internet
· Recent trends & Developments in Computer Networks
Paper Submission
Authors are invited to submit papers for this journal through E-mail: ijcnc@airccse.org or through Submission System. Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this Journal.
Important Dates
· Submission Deadline : June 22, 2024
· Notification : July 22, 2024
· Final Manuscript Due : July 29, 2024
· Publication Date : Determined by the Editor-in-Chief
Contact Us
Here's where you can reach us: ijcnc@airccse.org or ijcnc@aircconline.com
For other details please visit - http://airccse.org/journal/ijcnc.html
Rendezvous Sequence Generation Algorithm for Cognitive Radio Networks in Post...IJCNCJournal
Recent natural disasters have inflicted tremendous damage on humanity, with their scale progressively increasing and leading to numerous casualties. Events such as earthquakes can trigger secondary disasters, such as tsunamis, further complicating the situation by destroying communication infrastructures. This destruction impedes the dissemination of information about secondary disasters and complicates post-disaster rescue efforts. Consequently, there is an urgent demand for technologies capable of substituting for these destroyed communication infrastructures. This paper proposes a technique for generating rendezvous sequences to swiftly reconnect communication infrastructures in post-disaster scenarios. We compare the time required for rendezvous using the proposed technique against existing methods and analyze the average time taken to establish links with the rendezvous technique, discussing its significance. This research presents a novel approach enabling rapid recovery of destroyed communication infrastructures in disaster environments through Cognitive Radio Network (CRN) technology, showcasing the potential to significantly improve disaster response and recovery efforts. The proposed method reduces the time for the rendezvous compared to existing methods, suggesting that it can enhance the efficiency of rescue operations in post-disaster scenarios and contribute to life-saving efforts.
Blockchain Enforced Attribute based Access Control with ZKP for Healthcare Se...IJCNCJournal
The relationship between doctors and patients is reinforced through the expanded communication channels provided by remote healthcare services, resulting in heightened patient satisfaction and loyalty. Nonetheless, the growth of these services is hampered by security and privacy challenges they confront. Additionally, patient electronic health records (EHR) information is dispersed across multiple hospitals in different formats, undermining data sovereignty. It allows any service to assert authority over their EHR, effectively controlling its usage. This paper proposes a blockchain enforced attribute-based access control in healthcare service. To enhance the privacy and data-sovereignty, the proposed system employs attribute-based access control, zero-knowledge proof (ZKP) and blockchain. The role of data within our system is pivotal in defining attributes. These attributes, in turn, form the fundamental basis for access control criteria. Blockchain is used to keep hospital information in public chain but EHR related data in private chain. Furthermore, EHR provides access control by using the attributed based cryptosystem before they are stored in the blockchain. Analysis shows that the proposed system provides data sovereignty with privacy provision based on the attributed based access control.
EECRPSID: Energy-Efficient Cluster-Based Routing Protocol with a Secure Intru...IJCNCJournal
A revolutionary idea that has gained significance in technology for Internet of Things (IoT) networks backed by WSNs is the " Energy-Efficient Cluster-Based Routing Protocol with a Secure Intrusion Detection" (EECRPSID). A WSN-powered IoT infrastructure's hardware foundation is hardware with autonomous sensing capabilities. The significant features of the proposed technology are intelligent environment sensing, independent data collection, and information transfer to connected devices. However, hardware flaws and issues with energy consumption may be to blame for device failures in WSN-assisted IoT networks. This can potentially obstruct the transfer of data. A reliable route significantly reduces data retransmissions, which reduces traffic and conserves energy. The sensor hardware is often widely dispersed by IoT networks that enable WSNs. Data duplication could occur if numerous sensor devices are used to monitor a location. Finding a solution to this issue by using clustering. Clustering lessens network traffic while retaining path dependability compared to the multipath technique. To relieve duplicate data in EECRPSID, we applied the clustering technique. The multipath strategy might make the provided protocol more dependable. Using the EECRPSID algorithm, will reduce the overall energy consumption, minimize the End-to-end delay to 0.14s, achieve a 99.8% Packet Delivery Ratio, and the network's lifespan will be increased. The NS2 simulator is used to run the whole set of simulations. The EECRPSID method has been implemented in NS2, and simulated results indicate that comparing the other three technologies improves the performance measures.
Analysis and Evolution of SHA-1 Algorithm - Analytical TechniqueIJCNCJournal
A 160-bit (20-byte) hash value, sometimes called a message digest, is generated using the SHA-1 (Secure Hash Algorithm 1) hash function in cryptography. This value is commonly represented as 40 hexadecimal digits. It is a Federal Information Processing Standard in the United States and was developed by the National Security Agency. Although it has been cryptographically cracked, the technique is still in widespread usage. In this work, we conduct a detailed and practical analysis of the SHA-1 algorithm's theoretical elements and show how they have been implemented through the use of several different hash configurations.
Optimizing CNN-BiGRU Performance: Mish Activation and Comparative AnalysisIJCNCJournal
Deep learning is currently extensively employed across a range of research domains. The continuous advancements in deep learning techniques contribute to solving intricate challenges. Activation functions (AF) are fundamental components within neural networks, enabling them to capture complex patterns and relationships in the data. By introducing non-linearities, AF empowers neural networks to model and adapt to the diverse and nuanced nature of real-world data, enhancing their ability to make accurate predictions across various tasks. In the context of intrusion detection, the Mish, a recent AF, was implemented in the CNN-BiGRU model, using three datasets: ASNM-TUN, ASNM-CDX, and HOGZILLA. The comparison with Rectified Linear Unit (ReLU), a widely used AF, revealed that Mish outperforms ReLU, showcasing superior performance across the evaluated datasets. This study illuminates the effectiveness of AF in elevating the performance of intrusion detection systems.
An Hybrid Framework OTFS-OFDM Based on Mobile Speed EstimationIJCNCJournal
The Future wireless communication systems face the challenging task of simultaneously providing high-quality service (QoS) and broadband data transmission, while also minimizing power consumption, latency, and system complexity. Although Orthogonal Frequency Division Multiplexing (OFDM) has been widely adopted in 4G and 5G systems, it struggles to cope with a significant delay and Doppler spread in high mobility scenarios. To address these challenges, a novel waveform named Orthogonal Time Frequency Space (OTFS). Designers aim to outperform OFDM by closely aligning signals with the channel behaviour. In this paper, we propose a switching strategy that empowers operators to select the most appropriate waveform based on an estimated speed of the mobile user. This strategy enables the base station to dynamically choose the waveform that best suits the mobile user’s speed. Additionally, we suggest retaining an Integrated Sensing and Communication (ISAC) radar approach for accurate Doppler estimation. This provides precise information to facilitate the waveform selection procedure. By leveraging the switching strategy and harnessing the Doppler estimation capabilities of an ISAC radar.Our proposed approach aims to enhance the performance of wireless communication systems in high mobility cases. Considering the complexity of waveform processing, we introduce an optimized hybrid system that combines OTFS and OFDM, resulting in reduced complexity while still retaining performance benefits.This hybrid system presents a promising solution for improving the performance of wireless communication systems in higher mobility.The simulation results validate the effectiveness of our approach, demonstrating its potential advantages for future wireless communication systems. The effectiveness of the proposed approach is validated by simulation results as it will be illustrated.
Enhanced Traffic Congestion Management with Fog Computing - A Simulation-Base...IJCNCJournal
Accurate latency computation is essential for the Internet of Things (IoT) since the connected devices generate a vast amount of data that is processed on cloud infrastructure. However, the cloud is not an optimal solution. To overcome this issue, fog computing is used to enable processing at the edge while still allowing communication with the cloud. Many applications rely on fog computing, including traffic management. In this paper, an Intelligent Traffic Congestion Mitigation System (ITCMS) is proposed to address traffic congestion in heavily populated smart cities. The proposed system is implemented using fog computing and tested in a crowdedCairo city. The results obtained indicate that the execution time of the simulation is 4,538 seconds, and the delay in the application loop is 49.67 seconds. The paper addresses various issues, including CPU usage, heap memory usage, throughput, and the total average delay, which are essential for evaluating the performance of the ITCMS. Our system model is also compared with other models to assess its performance. A comparison is made using two parameters, namely throughput and the total average delay, between the ITCMS, IOV (Internet of Vehicle), and STL (Seasonal-Trend Decomposition Procedure based on LOESS). Consequently, the results confirm that the proposed system outperforms the others in terms of higher accuracy, lower latency, and improved traffic efficiency.
Rendezvous Sequence Generation Algorithm for Cognitive Radio Networks in Post...IJCNCJournal
Recent natural disasters have inflicted tremendous damage on humanity, with their scale progressively increasing and leading to numerous casualties. Events such as earthquakes can trigger secondary disasters, such as tsunamis, further complicating the situation by destroying communication infrastructures. This destruction impedes the dissemination of information about secondary disasters and complicates post-disaster rescue efforts. Consequently, there is an urgent demand for technologies capable of substituting for these destroyed communication infrastructures. This paper proposes a technique for generating rendezvous sequences to swiftly reconnect communication infrastructures in post-disaster scenarios. We compare the time required for rendezvous using the proposed technique against existing methods and analyze the average time taken to establish links with the rendezvous technique, discussing its significance. This research presents a novel approach enabling rapid recovery of destroyed communication infrastructures in disaster environments through Cognitive Radio Network (CRN) technology, showcasing the potential to significantly improve disaster response and recovery efforts. The proposed method reduces the time for the rendezvous compared to existing methods, suggesting that it can enhance the efficiency of rescue operations in post-disaster scenarios and contribute to life-saving efforts.
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on improved-MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, evaluate its effectiveness in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MR selection algorithm when compared to traditional approaches.
May 2024, Volume 16, Number 3 - The International Journal of Computer Network...IJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on improved-MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, evaluate its effectiveness in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MR selection algorithm when compared to traditional approaches.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve asingle application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic typeand the fulfillment of application requirements, such asreliability and timeliness. Never the less, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium AccessControl (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
May_2024 Top 10 Read Articles in Computer Networks & Communications.pdfIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
A Topology Control Algorithm Taking into Account Energy and Quality of Transm...IJCNCJournal
The efficient use of energy in wireless sensor networks is critical for extending node lifetime. The network topology is one of the factors that have a significant impact on the energy usage at the nodes and the quality of transmission (QoT) in the network. We propose a topology control algorithm for software-defined wireless sensor networks (SDWSNs) in this paper. Our method is to formulate topology control algorithm as a nonlinear programming (NP) problem with the objective to optimizing two metrics, maximum communication range, and desired degree. This NP problem is solved at the SDWSN controller by employing the genetic algorithm (GA) to determine the best topology. The simulation results show that the proposed algorithm outperforms the MaxPower algorithm in terms of average node degree and energy expansion ratio.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Advanced Privacy Scheme to Improve Road Safety in Smart Transportation SystemsIJCNCJournal
In -Vehicle Ad-Hoc Network (VANET), vehicles continuously transmit and receive spatiotemporal data with neighboring vehicles, thereby establishing a comprehensive 360-degree traffic awareness system. Vehicular Network safety applications facilitate the transmission of messages between vehicles that are near each other, at regular intervals, enhancing drivers' contextual understanding of the driving environment and significantly improving traffic safety. Privacy schemes in VANETs are vital to safeguard vehicles’ identities and their associated owners or drivers. Privacy schemes prevent unauthorized parties from linking the vehicle's communications to a specific real-world identity by employing techniques such as pseudonyms, randomization, or cryptographic protocols. Nevertheless, these communications frequently contain important vehicle information that malevolent groups could use to Monitor the vehicle over a long period. The acquisition of this shared data has the potential to facilitate the reconstruction of vehicle trajectories, thereby posing a potential risk to the privacy of the driver. Addressing the critical challenge of developing effective and scalable privacy-preserving protocols for communication in vehicle networks is of the highest priority. These protocols aim to reduce the transmission of confidential data while ensuring the required level of communication. This paper aims to propose an Advanced Privacy Vehicle Scheme (APV) that periodically changes pseudonyms to protect vehicle identities and improve privacy. The APV scheme utilizes a concept called the silent period, which involves changing the pseudonym of a vehicle periodically based on the tracking of neighboring vehicles. The pseudonym is a temporary identifier that vehicles use to communicate with each other in a VANET. By changing the pseudonym regularly, the APV scheme makes it difficult for unauthorized entities to link a vehicle's communications to its real-world identity. The proposed APV is compared to the SLOW, RSP, CAPS, and CPN techniques. The data indicates that the efficiency of APV is a better improvement in privacy metrics. It is evident that the AVP offers enhanced safety for vehicles during transportation in the smart city.
April 2024 - Top 10 Read Articles in Computer Networks & CommunicationsIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
DEF: Deep Ensemble Neural Network Classifier for Android Malware DetectionIJCNCJournal
Malware is one of the threats to security of computer networks and information systems. Since malware instances are available sufficiently, there is increased interest among researchers on usage of Artificial Intelligence (AI). Of late AI-enabled methods such as machine learning (ML) and deep learning paved way for solving many real-world problems. As it is a learning-based approach, accumulated training samples help in improving thequality of training and thus leveraging malware detection accuracy. Existing deep learning methods are focusing on learning-based malware detection systems. However, there is need for improving the state of the art through ensemble approach. Towards this end, in this paper we proposed a framework known as Deep Ensemble Framework (DEF) for automatic malware detection. The framework obtains features from training samples. From given malware instance a grayscale image is generated. There is another process to extract the opcode sequences. Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) techniques are used to obtain grayscale image and opcode sequence respectively. Afterwards, a stacking ensemble is employed in order to achieve efficient malware detection and classification. Malware samples collected fromthe Internet sources and Microsoft are used for theempirical study. An algorithm known as Ensemble Learning for Automatic Malware Detection (EL-AML) is proposed to realize our framework. Another algorithm named Pre-Process is proposed to assist the EL-AML algorithm for obtaining intermediate features required by CNN and LSTM.Empirical study reveals that our framework outperforms many existing methods in terms of speed-up and accuracy.
High Performance NMF Based Intrusion Detection System for Big Data IOT TrafficIJCNCJournal
With the emergence of smart devices and the Internet of Things (IoT), millions of users connected to the network produce massive network traffic datasets. These vast datasets of network traffic, Big Data are challenging to store, deal with and analyse using a single computer. In this paper we developed parallel implementation using a High Performance Computer (HPC) for the Non-Negative Matrix Factorization technique as an engine for an Intrusion Detection System (HPC-NMF-IDS). The large IoT traffic datasets of order of millions samples are distributed evenly on all the computing cores for both storage and speedup purpose. The distribution of computing tasks involved in the Matrix Factorization takes into account the reduction of the communication cost between the computing cores. The experiments we conducted on the proposed HPC-IDS-NMF give better results than the traditional ML-based intrusion detection systems. We could train the HPC model with datasets of one million samples in only 31 seconds instead of the 40 minutes using one processor), that is a speed up of 87 times. Moreover, we have got an excellent detection accuracy rate of 98% for KDD dataset.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Rainfall intensity duration frequency curve statistical analysis and modeling...bijceesjournal
Using data from 41 years in Patna’ India’ the study’s goal is to analyze the trends of how often it rains on a weekly, seasonal, and annual basis (1981−2020). First, utilizing the intensity-duration-frequency (IDF) curve and the relationship by statistically analyzing rainfall’ the historical rainfall data set for Patna’ India’ during a 41 year period (1981−2020), was evaluated for its quality. Changes in the hydrologic cycle as a result of increased greenhouse gas emissions are expected to induce variations in the intensity, length, and frequency of precipitation events. One strategy to lessen vulnerability is to quantify probable changes and adapt to them. Techniques such as log-normal, normal, and Gumbel are used (EV-I). Distributions were created with durations of 1, 2, 3, 6, and 24 h and return times of 2, 5, 10, 25, and 100 years. There were also mathematical correlations discovered between rainfall and recurrence interval.
Findings: Based on findings, the Gumbel approach produced the highest intensity values, whereas the other approaches produced values that were close to each other. The data indicates that 461.9 mm of rain fell during the monsoon season’s 301st week. However, it was found that the 29th week had the greatest average rainfall, 92.6 mm. With 952.6 mm on average, the monsoon season saw the highest rainfall. Calculations revealed that the yearly rainfall averaged 1171.1 mm. Using Weibull’s method, the study was subsequently expanded to examine rainfall distribution at different recurrence intervals of 2, 5, 10, and 25 years. Rainfall and recurrence interval mathematical correlations were also developed. Further regression analysis revealed that short wave irrigation, wind direction, wind speed, pressure, relative humidity, and temperature all had a substantial influence on rainfall.
Originality and value: The results of the rainfall IDF curves can provide useful information to policymakers in making appropriate decisions in managing and minimizing floods in the study area.
artificial intelligence and data science contents.pptxGauravCar
What is artificial intelligence? Artificial intelligence is the ability of a computer or computer-controlled robot to perform tasks that are commonly associated with the intellectual processes characteristic of humans, such as the ability to reason.
› ...
Artificial intelligence (AI) | Definitio
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
Feature Selection using the Concept of Peafowl Mating in IDS
1. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
DOI: 10.5121/ijcnc.2024.16104 51
FEATURE SELECTION USING THE CONCEPT OF
PEAFOWL MATING IN IDS
Partha Ghosh1
, Joy Sharma2
and Nilesh Pandey3
1, 3
Dept. of Information Technology, Netaji Subhash Engineering College, Kolkata, India
2
Dept. of Computer Science and Engineering, Netaji Subhash Engineering College,
Kolkata, India
ABSTRACT
Cloud computing has high applicability as an Internet based service that relies on sharing computing
resources. Cloud computing provides services that are Infrastructure based, Platform based and Software
based. The popularity of this technology is due to its superb performance, high level of computing ability,
low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud
environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection
System is used, that can identify the attacks and ensure information security. Such a coherent and
proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding
safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an
optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to
reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions.
The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have
proved to be a better as well as an efficient IDS.
KEYWORDS
Cloud Computing, Intrusion Detection System (IDS), Feature Selection (FS), Peafowl Mating (PFM)
Algorithm, NSL-KDD Dataset, Kyoto Dataset
1. INTRODUCTION
Cloud Computing provides the opportunities of accessing the remote activities which are services
like platform, software or infrastructure as per the needs over the Internet. It provides the
facilities over the Internet which can be accessed from anywhere the user wishes to use. Since the
use of this technology is increasing day by day, the privacy of data has become a matter of
concern as it attracts more intruders who try to access data illegally [1]. For privacy, IDS
provides us with a solution. IDS performs a crucial role in minimizing threats to the information
system and maintaining security in the network [2]. IDSs are of mainly two types: Network based
IDS (NIDS) and Host based IDS (HIDS). NIDS is located at critical points of the network to
investigate all data packets passing across [3]. It analyses the passing packets on the entire
subdivision of the network. In case it notices any malicious activity by matching it with previous
attack records, it notifies the host and prevents the attack. It has a strong mechanism but with
very low visibility in the host server. HIDS is placed on individual hosts. It holds a record of
important system files and keeps on checking each incoming and outgoing file. In case any
alterations in the records are found, it notifies the administrator. HIDS is not capable of
monitoring applications, only the use of resources of the applications can be checked by it.
Depending on the finding mechanism of IDS, it can be categorized into misuse detection and
anomaly detection [4]. Only the attacks for which a previous record is already present can be
2. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
52
detected by misuse detection. Misuse detection is also referred to as signature-based detection
and pattern matching. Anomaly detection is implemented to spot novel types of attacks. It can
identify any action that is quite different from standard behavior i.e., it can recognize anomalies
[5, 6]. Various algorithms are being used to increase the efficiency of IDS. IDS has to deal with a
huge amount of data. The datasets are so large that it takes a long time to be processed. These
datasets contain many irrelevant data which is not necessary for computation increases time
consumption as well as may cause misclassification. This is the reason why the size of the
datasets is needed to be reduced [7].
To shorten the training time and memory allocation of the dataset, some of the dimensions of the
dataset are dropped without compromising with the efficiency of the system using different kinds
of Feature Selection (FS) methods [8, 9]. A large dimensional dataset reduces the effectiveness of
the results. So here, a new nature inspired algorithm, Peafowl Mating (PFM) algorithm, is
proposed to select relevant Feature Subsets (FSs). After the reduction of features and selection of
relevant FSs, the data records are classified either an anomaly or normal record. This provides
with better results and leads to a highly effective as well as robust IDS.
The remaining part of the paper is arranged accordingly: Section 2 upholds the pieces of literature
on IDS, cloud and so on from which the authors of this paper gathered motivation. Section 3 is
the prime part of the paper, demonstrating the novel proposed IDS model. The experimental
results of the proposed model are portrayed in details in Section 4. Ultimately, the concluding
statements are provided in Section 5.
2. RELATED WORKS
Network security has been a matter of concern since the popularization of Internet. Firewalls look
into the ways of protecting the devices and systems in various possible methods from attacks. But
to increase the rate of detecting the intrusions properly an IDS is needed. T.N. Kim et al. in 2022
suggested a novel approach by combining IDS with firewall which updated the firewall filtering
rule if any new type of intrusion was identified [10]. In 2018 Elham Besharati et al. proposed a
HIDS which would search and select important features for each class using logistic regression
and also used regularization techniques to improve the values. All the attacks are classified using
the combination of three popular classifiers. The model was tested on NSL-KDD data set and
showed an accuracy of 97.51% for detecting attacks against normal states [11]. In 2022, T.T.
Huynh and H.T. Nguyen developed an IDS which used a combination of multilayer Neural
Network (NN) with Dense Sparse Dense (DSD) multi-stage training [12]. That model was
experimented using Recurrent Neural Network (RNN), Long-Short Term Memory (LSTM),
Gated Recurrent Unit (GRU) etc. M.R. Gauthama Raman et al. [13] had developed a proficient
IDS. To set parameters, hypergraph based Genetic Algorithm and Support Vector Machine was
used and applied for selecting features. To build the IDS with high Detection Rate and low False
Positive Rate they also introduced a weighted objective function. In 2004, Srilatha Chebrolu et al.
[14] proposed a hybrid IDS by combining Markov Blanket model and decision tree as FS
methods. The performance of their model was judged by Bayesian Network (BN) and Regression
Tree (CART). Distributed Denial of Service (DDoS) continuously launches attacks on cloud
services and makes resources unavailable. In 2018, Mustapha Belouch et al. [15] proposed a
Hybrid Filter-Wrapper Feature Selection HFWFS method for DDoS detection. That uses both
filter and wrapper methods to detect the most redundant features and generate a reduced feature
set. The wrapper method is implemented to achieve the optimal selection of features. For
evaluating how it performs, they have used NSL-KDD and UNSW-NB15 datasets and then
applied Random Tree classifier. In 2012, Li-Fei Chen et al. [16] proposed a meta-heuristic
algorithm to solve the feature selection problem efficiently in a high-dimensional feature space.
The improved particle swarm optimization (IPSO) algorithm proposed by them, uses the opposite
3. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
53
sign test (OST) which diversifies the population in PSO and improves the jump ability of flying
particles so that local optimal trapping can be avoided. The performance is then evaluated on the
basis of classification accuracy. In 2018, Gursel Serpen et al. [17] designed a host-based IDS for
detecting misuse on Linux operating system which uses a feature extraction technique based on
PCA of operating system call trace data and employs k-nearest neighbor algorithm for
classification purpose. The propose method was tested on the ADFA-LD dataset which contains
six types of attack along with normal records. Eduardo de la Hoz et al. built a classifier using
Support Vector Classifier Ensemble. They paid extra attention to the data pre-processing and
feature selection. They trained each classifier with a distinct feature set in order to hike the
detection abilities for a specific class. They have used linear and non-linear feature selection
technique [18]. Seyed Mojtaba Hosseini Bamakan et al. worked on creating an IDS framework
using chaos particle swarm optimization. For this work, they modified the chaos particle swarm
optimization using the time-varying inertia weight factor (TVIW) and time-varying acceleration
coefficients (TVAC). After creating the framework, they selected the subset of features for
Multiple Criteria Linear Programming (MCLP) and SVM [19]. It was found that the huge
network traffic dataset causes a lot of difficulties to process the dataset. Due to this the accuracy
rate and the detection rate decreased in the IDS. In 2015, Raman Singh et al. presented an Online
Sequential Extreme Learning Machine (OS-ELM) based IDS with network traffic profiling [20].
In their work, they used an ensemble of three FS techniques to minimize the feature set of
network traffic dataset and for training the dataset, Beta profiling had been used. In 2018, Qusay
M. Alzubi et al. [21] developed a Modified Binary Grey Wolf Optimization (MBGWO) based
intrusion detection system. They split up the work into three different parts. To prove the
efficiency that model was compared with a number of existing algorithms. The authors analyzed
the mentioned papers to understand how IDS actually works as well as find out its strengths and
weaknesses. Inspired by these works the authors have proposed a proficient IDS model to solve
the issues related to security on cloud.
3. PROPOSED MODEL
In the modern era, protecting the devices and services on the Cloud environment is a great
challenge. Day by day attackers are improving their ways to infiltrate into systems and cause
disruptions. There is an urgent need to upgrade the security mechanisms to prevent the intrusions.
IDS is one of the mechanisms which helps in preserving security on Cloud environment. An IDS
scrutinizes data packets to distinguish between normal traffic and attack packets. But there are
numerous data packets in the network as well as the packets contains quite a number of attributes.
To select out only the useful data packets and extract the most useful features different machine
learning techniques need to be implemented. The authors of this paper have worked towards
making Cloud a safer place by proposing a novel feature selection method and using it in IDS.
In this article, a nature inspired method to solve the real-world optimization problems have been
used by the authors. Nature inspired algorithms are the algorithms in which the behaviors of
existing species are observed carefully and algorithms are developed based on those behaviors.
Basically, the biologically inspired algorithms are influenced by the natural phenomena [22]. The
rules of nature are visualized into algorithms for prolific performance. These algorithms can be
used in several machine learning techniques like classification, clustering, data mining, feature
selection etc. The complexity of the real-world optimization problems is too high to process in an
acceptable amount of time. This is why the algorithms should be such that those can process to
solutions in affordable complexity [23]. Here, the authors have been motivated by the mating
behavior of Peafowl. This behavior has been introduced into the paper in the form of a nature
inspired algorithm. This nature inspired Peafowl Mating based Feature Selection Algorithm
provides a near optimal solution to the problem i.e., it’s metaheuristic in nature.
4. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
54
For the purpose of the experiment, the authors have used both NSL-KDD and Kyoto datasets.
These datasets are needed to be pre-processed and normalized. These contain many redundant
values and sometimes the values are not in the form to be directly used for training and testing
IDS. So those values need to be in proper numerical form for the purpose to serve. After pre-
processing and normalization, the datasets are applied on the proposed model [24]. The PFM
Algorithm is then applied over the training data to reduce the dimensions of the data by deleting
the irrelevant features. The algorithm based on the mating behavior of Peafowl generates feature
subsets out of the complete dataset. After that, the testing dataset is used for classification using
different classifiers. Figure 1 depicts the progress of the proposed model.
Figure 1. Flowchart of the proposed model
3.1. Behavior of Peafowls
By the term Peafowl, both peacock and peahen are addressed. Peacocks elaborate their colorful
feathers to attract the peahens. In the mating season, the peacocks spread their feathers to show
the dominance and to prove themselves superior compared to the others. The prettier the peacock,
the more peahens are attracted by it. A peacock shakes his feathers and struts around with
confidence as if he owns the place. Tail feathers of a peacock can be seen underneath the feathers
which are spread to attract peahens. Peacocks have also a wide vocabulary of calls, and during
the mating season they make a distinctive hoot to attract the peahens. The peahens are attracted
by the colorfulness as well as the intensity of the sound or mating call generated by the peacocks.
The peahens roam around the territories, after that, they select the peacock to mate with. The
peacocks with the higher colorfulness and sound intensity are likely to be chosen by the peahens
with higher efficiency. Peacocks are polygamous by nature i.e., they wish to mate with as many
peahens as possible. There are some peacocks who are more attractive as well as stronger than
others and are likely to mate with multiple peahens in a single season. These types of peacocks
are called dominant ones. So, they are basically more efficient creatures in their own kingdom.
The Peacocks which are not so efficient are called non-dominant peacocks. Those are less likely
to mate with more than one peahen. After mating, peahens leave the place with the fertilized eggs
to lay. In this way the generation continues.
5. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
55
3.2. Proposed Peafowl Mating Algorithm
In this article, the authors used the behavior of peafowls during mating to implement a model for
FS. The model comprises of the random data points which represent the peafowls and some
parameters based on which the mating occurs. Some calculation formulae among the data points
have been introduced by the authors according to the structure of mating. The new generation is
created through interactions of data points as per the behavioral nature of peafowls. To increase
the performance of the algorithm the authors assume a number of mating seasons for a single
generation. Authors also assume different number of males and females for different seasons. The
process continues to a particular terminating condition where the authors have got the results of
selected Feature Subsets (FSs). In this model, some key principles have been considered about
the peafowl in implementing the algorithm. These are:
• All the peafowls are interpreted as unisex at first. In every generation, according to their
fitness values, the peacocks and peahens are differentiated.
• Colorfulness of feathers and sound intensity are key characteristics for the purpose of
peafowl mating algorithm.
• In every generation the total number of peafowls are constant.
The algorithm is basically based on two key characteristics of peafowl: the intensity of mating
call of the peacock and the colorfulness of their feathers. The attractiveness (Ai) of a peafowl i,
depends on the intensity of mating call I0, the colorfulness of the feathers C0 and the distance dij
between peafowl i and j. Ai varies with the change in dij. As the medium is interpreted as
consistent, attractiveness varies monotonically and exponentially. The attractiveness is described
as
(1)
where, γ1 and γ2 are sound wave distortion coefficient and color absorption coefficient
respectively. Values for γ1 and γ2 are given as γ1, γ2 ∈ [0, +∞). The value of dij for two peafowls i
and j is basically the Euclidean distance between co-ordinates xi and xj which can be given as
(2)
In this proposed PFM algorithm, the authors have taken n data points as N (set of n number of
data points or peafowls) randomly with binary values i.e., 0’s and 1’s for the experimental
purpose. For the first iteration using classifier, the fitness value of each data point is calculated. A
random number r is generated (which depends on the size of the population) to differentiate
between male (Np) and female (Nh). Equation (3) and (4) give the number of males np and number
of females nh.
(3)
(4)
To extract Np and Nh separately, the data points are sorted in descending order according to their
fitness value. The top np data points are separated as male in Np and the rest nh points are stored
as female in Nh.
There are two types of males, one is normal another one is dominant. The dominant ones are
basically capable to mate with multiple females i.e., they much more efficient than the normal
6. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
56
ones. This type of males is supposed to have higher fitness values. Another random number,
Dominance Factor α is generated to indicate the number of dominant males. Value of α is also
dependent on population size. Using (5) and (6) the number of dominant males and normal males
are calculated.
(5)
(6)
Here, nd is the number of dominant males and nn is the number of the remaining normal males.
The top nd number of males are denoted by Nd and Nn represents nn number of other males.
For the mating purpose, the peahens with higher fitness values choose the dominant peacocks
which are also of higher fitness values. Every peahen chooses one peacock of its choice. The
dominant peacocks can be chosen by more than one peahen. After mating, the newborn peafowl
are stored in a set called new. A newborn peafowl k, born with the peacock xi and the peahen xj,
can be described as
(7)
where, rand is a random number generated for including a mutated behavior. The value of rand
should be a fraction to properly regulate the positional value of the newborn. The value of rand
lies between -1 to 1 (both inclusive). Some of the features of a newborn is acquired on its own
due to evolution and it occurs because of the rand variable.
Once the set of newborn peafowl is calculated as new, the value of newkd (i.e., dth
dimension of
the kth
data point) can be either in the range of 0 to 1 or out of it. There is a need to transform the
real values into binary i.e., 0 or 1 as the selected features are needed to be extracted. So, a
probabilistic rule which is based on hyperbolic tangent function is applied to each dimension of
the position vector. Equation (8) gives the formula of the function.
(8)
(9)
After that, the new peafowls are added to the parent set with their respective fitness values. Now,
all the peafowls are sorted in a decreasing manner with accordance to their fitness values. The
topmost n number of peafowls are selected for upcoming iteration. In this way, the process
continues updating as well as adding the new peafowls and fetching out top n number of
peafowls every time. This is done to obtain only the peafowls with higher fitness values and keep
the size of the population constant. Finally, after completing all iterations, the peafowl having
maximum fitness value is selected as the optimal feature subset. The experiment with the
proposed model showed that it has performed better for the work of feature selection in terms of
both decreasing the processing power and the memory requirement.
In the proposed model, γ1 and γ2 are set to 1. r is a random value lying in the range [0.4, 0.6].
Both intensity of mating call I0 and colorfulness of the feathers C0 are set to 0.1 and α is the
dominance factor which is regulated at 0.8.
7. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
57
The pseudo-code of the proposed algorithm is given below:
Algorithm: Feature Selection based on PFM Algorithm
Input: Dataset X which contains x number of records
Output: Optimal Feature Subset
Steps:
1: begin
2: Generate population N with n number of datapoints
3: Set values for parameters r, α, γ1, γ2
4: Calculate fitness of each peafowl
5: Sort them in decreasing order with respect to their fitness values
6: while (iteration < maximum number of iteration): do
7: while (season_number < maximum number of season): do
8: Compute Np using (3)
9: Compute Nh using (4)
10: Compute Nd using (5)
11: Compute Nn using (6)
12: for (each peacock in Nd): do
13: Mate with multiple peahens in Nh randomly using (7)
14: Store the newborn peafowls
15: end for
16: for (each peacock in Nn): do
17: Mate with single peahen in Nh randomly using (7)
18: Store the newborn peafowls
19: end for
20: Calculate fitness of the newly generated peafowls
21: Append all new peafowls to the population
22: Sort population in decreasing order in accordance to fitness
23: Keep top n peafowls for upcoming iteration
24: season_number = season_number + 1
25: end while
26: iteration = iteration + 1
27: end while
28: end
4. EXPERIMENTAL RESULTS AND ANALYSIS
For conducting the experiments, scikit-learn library of version 0.20.2 written in Python has been
used [25]. The experiments were conducted in an Intel Core i7 7th Gen processor @2.20 GHz
system with 8 GB RAM running on Windows 10 Operating System. The environment was set up
in a Cloud simulating framework named CloudSim.
4.1. Dataset
In 2009, M. Tavallaee et al. proposed NSL-KDD dataset which is a benchmark dataset and is
often used for identifying intrusion [26]. This dataset is derived from KDDCUP’99 dataset. The
dataset consists of 4 components, ‘KDD Train+’, ‘KDD Test+’, ‘20% KDD Training’ and ‘KDD
Test-21’. In this paper for measuring the performance of the proposed IDS model, KDD Train+ is
8. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
58
used for training and KDD Test+ is used for testing. KDD Train+ contains 1,25,973 records and
KDD Test+ contains 22,544 records. Each record consists of 41 features, labelled as normal or
specific attack types [27, 28]. Figure 2 shows the statistical records in NSL-KDD dataset. Both of
the train and test dataset contains the signature of various types of attacks, which are categorized
into four types – Denial of Service (DoS), Probe, User to Root (U2R), Remote to Local (R2L).
Figure 2. Statistical records in NSL-KDD dataset
Another benchmark dataset named Kyoto dataset is used for experiments. Network traffic, from
November 1st
, 2006 to December 31st
, 2015, is captured by the Kyoto University [29]. To
conduct experiments authors have collected a part of the benchmark dataset. Network traffic of
March 30th
, 2010 is gathered and after deleting all duplicate and redundant records, only 1,63,752
connections are taken for experimental purposes. Kyoto dataset contains 16 conditional features
and 1 decision making feature [20]. The portion of Kyoto dataset used in this experiment contains
74,837 numbers of normal and 88,915 numbers of attack instances.
Both of the above benchmark datasets contain numeric as well as non-numeric conditional
attributes. To transform these non-numerical values into numerical and for making the input
suitable, preprocessing is done before the experiments. All non-numerical conditional features of
both datasets are assigned with numerical values according to the number of occurrences of those
particular feature values. Conditional attributes contain discrete and continuous values. Due to
the combination of discrete and continuous values, the range of the feature values are not same.
To make the range of all the features same and comparable, normalization is done. In the
proposed model, to make the datasets normalized, min-max normalization method is used [30].
After performing preprocessing and normalization NSL-KDD dataset as well as Kyoto dataset
are used for performing the testing of the proposed model.
4.1.1. Experiments using Benchmark Functions
The numerical proficiency of the proposed Peafowl algorithm is tested using 23 classical
benchmark functions. To show the superiority of PFM, it is compared with a number of swarm-
based optimization algorithms. The population size of 30 and 500 iterations are taken for each
algorithm. All benchmark functions [31, 32] are explained in figure 3, 4 and 5.
9. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
59
Figure 3. Unimodal benchmark functions
Figure 4. Multimodal benchmark functions
Figure 5. Fixed-dimensional Multimodal benchmark functions
10. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
60
The comparison of the optimization results is shown in Table 1. PFM algorithm runs 30 times
using new populations generated at random. The average cost function and corresponding
standard deviation are used for presenting the results. The PFM algorithm is compared with
Whale Optimization Algorithm (WOA) [33], Particle Swarm Optimization (PSO) [34],
Gravitational Search Algorithm (GSA) [35]. Results of the mentioned algorithms are mainly
taken from [33].
Table 1. Comparison of Optimization Algorithms on Benchmark Functions
F
PFM WOA PSO GSA
avg std avg std avg std avg std
F1 1.6E-18 3.89795E-19 1.41E-30 4.91E-30 0.000136 0.000202 2.53E-16 9.67E-17
F2 5.36E-10 7.10533E-11 1.06E-21 2.39E-21 0.042144 0.045421 0.055655 0.194074
F3 8.92E-18 2.08747E-18 5.39E-07 2.93E-06 70.12562 22.11924 896.5347 318.9559
F4 5.42E-10 7.38537E-11 0.072581 0.39747 1.086481 0.317039 7.35487 1.741452
F5 31.0265547 19.8206229 27.86558 0.763626 96.71832 60.11559 67.54309 62.22534
F6 1.62E-18 3.5667E-19 3.116266 0.532429 0.000102 8.28E-05 2.5E-16 1.74E-16
F7 0.01889554 0.00745337 0.001425 0.001149 0.122854 0.044957 0.089441 0.04339
F8 -8612.22938 417.594683 -5080.76 695.7968 -4841.29 1152.814 -2821.07 493.0375
F9 66.8610837 12.77214487 0 0 46.70423 11.62938 25.96841 7.470068
F10 2.74E-10 2.71065E-11 7.4043 9.897572 0.276015 0.50901 0.062087 0.23628
F11 0.00673594 0.008485047 0.000289 0.001586 0.009215 0.007724 27.70154 5.040343
F12 6.69E-03 0.025871846 0.339676 0.214864 0.006917 0.026301 1.799617 0.95114
F13 0.00219747 0.004470079 1.889015 0.266088 0.006675 0.008907 8.899084 7.126241
F14 1.42328322 1.635213484 2.111973 2.498594 3.627168 2.560828 5.859838 3.831299
F15 0.00041852 0.00013061 0.000572 0.000324 0.000577 0.000222 0.003673 0.001647
F16 -1.0316285 6.77522E-16 -1.03163 4.2E-07 -1.03163 6.25E-16 -1.03163 4.88E-16
F17 0.39788736 1.1292E-16 0.397914 2.7E-05 0.397887 0 0.397887 0
F18 3 4.51681E-16 3 4.22E-15 3 1.33E-15 3 4.17E-15
F19 -3.8627798 1.80672E-15 -3.85616 0.002706 -3.86278 2.58E-15 -3.86278 2.29E-15
F20
-
3.203161918
2.25841E-15 -2.98105 0.376653 -3.26634 0.060516 -3.31778 0.023081
F21
-
10.05352692
1.80672E-15 -7.04918 3.629551 -6.8651 3.019644 -5.95512 3.737079
F22 -10.0637085 0 -8.18178 3.829202 -8.45653 3.087094 -9.68447 2.014088
F23
-
10.07504591
3.61345E-15 -9.34238 2.414737 -9.95291 1.782786 -10.5364 2.6E-15
The exploitation capability of the proposed algorithm is evaluated using the unimodal benchmark
functions F1-F7 because they have only one global optimum. Comparative results show that the
PFM algorithm provides very good exploitation. To evaluate the ability of exploration of the
optimization algorithm, F8-F23 benchmark functions are considered. F8 to F23 functions are
multimodal functions that include multiple local optima which increase exponentially with the
size of the problem. Comparative results also show very good exploration capabilities of the
proposed meta-heuristic algorithm. Table 1 reflects that the proposed novel PFM algorithm
makes a balance between the exploitation as well as exploration during the search and is also
successful in finding the optimum solution.
4.1.2. Experiments using Datasets
Datasets contain a number of attributes, among which some are useless and if those are not
excluded, it takes more time for evaluation as well as the accuracy rate decreases. Therefore, it is
required to minimize the dimension of such a dataset by selecting only the relevant features.
11. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
61
Here, a nature inspired PFM algorithm has been used for selecting appropriate feature subset
from the NSL-KDD and Kyoto dataset. With this proposed model the authors select subsets of
features from the original dataset for achieving better performance. Using the selected subsets of
features the authors classified the connections as normal or anomaly. Table 2 and 3 show all the
selected feature subsets using the PFM algorithm from different datasets. For the further work of
classification, the authors divide their work in two different phases.
Table 2. Feature Subsets of NSL-KDD dataset using PFM algorithm
Feature Subset
(FSs)
No. of
features
Features
FSs1 21 1,3,4,5,6,7,8,9,10,13,15,19,23,26,32,35,36,37,38,39,40
FSs2 19 2,3,4,5,6,7,8,9,10,13,18,23,25,28,32,35,36,37,40
FSs3 19 3,4,5,6,7,8,12,17,20,23,25,27,32,35,36,37,38,40,41
Table 3. Feature Subsets of Kyoto dataset using PFM algorithm
Feature Subset (FSs) No. of features Features
FSs1 8 4,5,6,9,10,12,14,16
FSs2 8 2,3,5,6,9,10,14,16
FSs3 9 1,5,6,9,10,11,13,14,16
Scenario 1: In the first scenario only NSL-KDD dataset is taken. Here, authors have taken NSL-
KDD train dataset for training and NSL-KDD test dataset to judge the performance of reduced
datasets. A number of different classifiers have been applied to measure the performance. Table 4
presents the obtained results.
Performance of any IDS depends on four parameters [36] – True Positive (TP), True Negative
(TN), False Negative (FN) and False Positive (FP). Based on these four parameters, performance
metrics are calculated which are as follows:
Accuracy (AC) = (10)
Detection Rate (DR) = (11)
False Positive Rate (FPR) = (12)
True Negative Rate (TNR) = (13)
False Negative Rate (FNR) = (14)
Precision = (15)
F1score = (16)
Here, the authors extracted three Feature Subsets (FSs) from the original NSL-KDD dataset with
the feature number counts of 21, 19 and 19 features respectively. For each selected FSs, the
Accuracy (AC), Detection Rate (DR) and False Positive Rate (FPR) have been calculated with
selected features and using all features. It is found that in every case, reduced set of features gave
better performance as well as consumed less memory space. Hence, the proposed PFM algorithm
creates a robust and efficient IDS. The proposed model was also compared with GWO, MGWO,
BGWO and MBGWO algorithms. Results obtained from experiments highlight that the proposed
algorithm achieves higher accuracy. The comparison depicted in Table 5 shows that the proposed
model outperforms the models developed by other authors. After classification, Table 6 shows all
12. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
62
the performance metrics for FSs1. Fig. 6 to Fig. 10 illustrate all the performance metrics for FSs1
using NN, DT, KNN, Bagging and RF respectively.
Table 4. Comparative study of Scenario 1 on NSL-KDD dataset
Classifier
Feature
Subset
With Feature Selection
Without Feature
Selection
AC (%) DR (%) FPR (%)
AC
(%)
DR
(%)
FPR
(%)
Neural
Network
FSs1 82.244 70.973 2.863
79.467 66.337 3.182
FSs2 81.490 69.750 2.997
FSs3 83.029 72.688 3.306
Decision
Tree
FSs1 84.816 75.999 3.532
79.649 70.077 7.703
FSs2 83.863 74.036 3.151
FSs3 82.248 71.215 3.172
K-Nearest
Neighbor
FSs1 80.376 67.397 2.471
77.608 62.417 2.317
FSs2 82.173 70.482 2.379
FSs3 80.239 67.085 2.379
Bagging
FSs1 83.299 73.163 3.306
80.265 68.869 4.675
FSs2 83.047 72.485 2.997
FSs3 82.031 70.825 3.161
Random
Forest
FSs1 79.551 66.212 2.822
78.149 63.867 2.976
FSs2 79.108 65.534 2.955
FSs3 79.241 65.760 2.945
Table 5. Comparison with other Feature Selection methods on NSL-KDD dataset in Scenario 1
Algorithm Average Accuracy (%)
Average number of
selected features
KNN-NN [37] 76.54 25
GWO [21] 79.66 28
MGWO [21] 79.66 24
bGWO [21] 81.07 26
MBGWO [21] 81.58 26
PFM 81.784 20
13. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
63
Table 6. Performance metrics of FSs1 of NSL-KDD dataset
Classifier Performance Metrics
Without Feature
Selection (%)
With Feature
Selection (%)
Neural
Network
AC 79.241 82.244
DR 65.877 70.973
FPR 3.100 2.863
TNR 96.900 97.137
FNR 34.123 29.027
Precision 96.562 97.038
F1score 78.321 81.984
Decision
Tree
AC 79.666 84.816
DR 70.085 75.999
FPR 7.672 3.532
TNR 92.328 96.468
FNR 29.915 24.001
Precision 92.350 96.603
F1score 79.692 85.071
K-Nearest
Neighbor
AC 77.608 80.376
DR 62.417 67.397
FPR 2.317 2.582
TNR 97.683 97.529
FNR 37.583 32.603
Precision 97.268 97.300
F1score 79.039 79.634
Bagging
AC 81.250 83.299
DR 70.553 73.163
FPR 4.613 3.306
TNR 95.387 96.694
FNR 29.448 26.837
Precision 95.285 96.694
F1score 81.075 83.299
Random
Forest
AC 77.599 79.551
DR 62.893 66.212
FPR 2.966 2.822
TNR 97.034 97.179
FNR 37.108 33.788
Precision 96.555 96.876
F1score 76.170 78.661
Figure 6. Performance metrics of FSs1 of NSL-KDD dataset using NN in Scenario 1
14. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
64
Figure 7. Performance metrics of FSs1 of NSL-KDD dataset using DT in Scenario 1
Figure 8. Performance metrics of FSs1 of NSL-KDD dataset using KNN in Scenario 1
Figure 9. Performance metrics of FSs1 of NSL-KDD dataset using Bagging in Scenario 1
15. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
65
Figure 10. Performance metrics of FSs1 of NSL-KDD dataset using RF in Scenario 1
Scenario 2: In this scenario, both NSL-KDD train set (1,25,973 records) and Kyoto dataset are
considered. 10-fold cross validation is applied on the two datasets. It means that a dataset is split
into 10 sections or folds. The AC, DR and FPR of the classifiers – NN, DT, KNN, Bagging and
RF are noted in Table 7 and 8. The classifiers are trained in two ways – (i) classifiers trained with
all features and (ii) classifiers trained with the selected FSs found by the PFM algorithm. The
result shows that in most of the cases the selected subset of features gives higher accuracy and
better results than the complete dataset.
Apart from this, in this scenario a comparative study featuring the recent advancements in IDS on
DR and FPR is shown. This study is presented in Table 9. From these comparisons, it is evident
that the proposed IDS model based on Peafowl Mating algorithm performs better than other
mentioned IDS models. The PFM algorithm detects intrusions with high efficacy resulting the
DR to be 99.568% as well as rarely misjudges normal packets as attacks which generates FPR of
0.271% only on an average.
Table 7. Comparative study of Scenario 2 on NSL-KDD dataset
Classifier
Feature
Subset
With Feature Selection Without Feature Selection
AC (%) DR (%) FPR (%) AC (%) DR (%) FPR (%)
Neural
Network
FSs1 99.437 99.282 0.428
99.364 99.224 0.514
FSs2 99.474 99.291 0.367
FSs3 99.305 99.082 0.500
Decision
Tree
FSs1 99.755 99.717 0.212
99.712 99.710 0.287
FSs2 99.728 99.710 0.257
FSs3 99.746 99.725 0.236
K-Nearest
Neighbor
FSs1 99.517 99.429 0.407
99.412 99.330 0.517
FSs2 99.572 99.521 0.383
FSs3 99.494 99.482 0.496
Bagging
FSs1 99.802 99.736 0.141
99.785 99.731 0.168
FSs2 99.779 99.724 0.174
FSs3 99.796 99.748 0.162
Random
Forest
FSs1 99.801 99.681 0.095
99.788 99.673 0.111
FSs2 99.811 99.707 0.098
FSs3 99.794 99.685 0.110
16. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
66
Table 8. Comparative study of Scenario 2 on Kyoto dataset
Classifier
Feature
Subset
With Feature Selection Without Feature Selection
AC (%) DR (%) FPR (%) AC (%) DR (%) FPR (%)
Neural
Network
FSs1 99.408 99.425 0.612
99.307 99.504 0.926
FSs2 99.676 99.792 0.462
FSs3 99.437 99.495 0.632
Decision
Tree
FSs1 99.820 99.866 0.234
99.809 99.821 0.206
FSs2 99.830 99.882 0.232
FSs3 99.819 99.828 0.192
K-Nearest
Neighbor
FSs1 98.748 98.969 1.514
98.211 98.474 2.100
FSs2 98.843 99.028 1.376
FSs3 98.855 99.010 1.328
Bagging
FSs1 99.836 99.881 0.218
99.831 99.850 0.191
FSs2 99.837 99.885 0.220
FSs3 99.841 99.865 0.187
Random
Forest
FSs1 99.839 99.883 0.214
99.817 99.876 0.253
FSs2 99.828 99.886 0.240
FSs3 99.854 99.876 0.171
Table 9. Comparison with other FS methods on NSL-KDD dataset for Scenario 2
Authors Detection Rate (%) False Alarm Rate (%)
Singh et al. [20] 97.67 1.74
De la Hoz et al. [18] 93.40 14
Tavallaee et al. [24] 80.67 NA
Bamakan et al. [19] 97.03 0.87
Raman et al. [12] 97.14 0.83
Abd-Eldayem [38] 99.03 1.0
Kim et al. [39] 99.10 1.2
Gogoi et al. [40] 98.88 1.12
PFM (average) 99.568 0.271
5. CONCLUSIONS AND FUTURE WORK
Data security is emerging as a great issue in the world of cloud computing. As the data on cloud
is placed at remote locations, the authentication of users to access data is becoming a serious
threat. This is the time when the data scientists need to work on classifying the authenticated
users and the intruders accurately as well as efficiently. An efficient IDS is needed to be
developed to suffice this insecure situation. Figuring out the intruders is no less than the ultimate
tough thing, as the size of data on Cloud is so large. This is why the algorithm should work in
such a manner so that it processes the data most efficiently without compromising with the
accuracy. The Peafowl Mating (PFM) Algorithm proposed in this paper has shown better
outcomes through Feature Selection approach resulting in increased classification accuracy by
reducing the dimensions of the dataset. The authors have shown that the proposed algorithm has
performed better than the mentioned ones. As examined by the authors in this paper, the average
accuracy of PFM algorithm during train-test scenario is 81.784% which shows the immense
potency of this algorithm. The classification results on five different classifiers namely NN, DT,
KNN, Bagging and RF show better results and proficiency of the proposed IDS. This proves that
the proposed IDS model using PFM algorithm is capable of securing the Cloud environment from
attackers. In the future, the proposed Feature Selection algorithm can be calibrated with the
classifiers other than the ones used in this paper to perform experiments which may produce even
better results. Therefore, an efficient IDS is created that can be deployed in a cloud environment
17. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
67
to make it secure enough by detecting the attacks of the intruders which is discussed in this paper;
forwarding to more secure and stable system with surpassed accuracy and efficiency.
CONFLICT OF INTEREST
The authors declare no conflict of interest.
REFERENCES
[1] Mezni, H., Aridhi, S., Hadjali, A.: The uncertain cloud: State of the art and research challenges.
International Journal of Approximate Reasoning 103, 139–151 (2018).
[2] Lee, W., Fan, W., Miller, M., J. Stolfo, S., Zadok, E.: Toward cost-sensitive modeling for intrusion
detection and response. Journal of Computer Security 10, 5–22 (2002).
[3] Vigna, G., A. Kemmerer, R.: Netstat: A network-based intrusion detection system. Journal of
Computer Security 7, 37–71 (1999).
[4] Bahrololum, M., Salahi, E., Khaleghi, M.: Anomaly Intrusion Detection Design using Hybrid of
Unsupervised and Supervised Neural Network. International Journal of Computer Networks &
Communications 1(2), 26–33 2009.
[5] Lalli, M., Palanisamy, V.: A Novel intrusion detection model for mobile ad-hoc networks using cp-
knn. International Journal of Computer Networks & Communications 6(5), 193–201 (2014).
[6] Hasan, M.A.M., Shuxiang, X., Kabir, M.M.J., Ahmad, S.: Performance Evaluation Of Different
Kernels For Support Vector Machine Used In Intrusion Detection System. International Journal of
Computer Networks & Communications 8(6), 39–53 (2016).
[7] Ghosh, P., Bardhan, M., Chowdhury, N.R., Phadikar, S.: Ids using reinforcement learning automata
for preserving security in cloud environment. International Journal of Information System Modeling
and Design 8(4), 21–37 (2017).
[8] Manjunatha, B.A., Gogoi, P., Akkalappa, M.T.: Data mining based framework for effective intrusion
detection using hybrid feature selection approach. International Journal of Computer Network and
Information Security 11(8), 1–12 (2019).
[9] Ghosh, P., Mitra, R.: Proposed GA-BFSS and logistic regression based intrusion detection system. In:
Proceedings of the 2015 Third International Conference on Computer, Communication, Control and
Information Technology (C3IT), pp. 1–6 (2015).
[10] Kim, T.N., Tri, T.N., Nguyen, L.T., Truong, D.T.: A Combination of the Intrusion Detection System
and the Open-Source Firewall using Python Language. International Journal of Computer Networks
& Communications 14(1), 59–69 (2022).
[11] Besharati, E., Naderan, M., Namjoo, E.: LR-hids: logistic regression host-based intrusion detection
system for cloud environments. Journal of Ambient Intelligence and Humanized Computing 10,
3669–3692 (2019).
[12] Huynh, T.T., Nguyen, H.T.: On the Performance of Intrusion Detection Systems with Hidden
Multilayer Neural Network using DSD Training. International Journal of Computer Networks &
Communications 14(1), 117–137 (2022).
[13] Raman, M.G., Somu, N., Kirthivasan, K., Liscano, R., Sriram, V.S.: An efficient intrusion detection
system based on hypergraph-genetic algorithm for parameter optimization and feature selection in
support vector machine. Knowledge-Based Systems 134, 1–12 (2017).
[14] Chebrolu, S., Abraham, A., Thomas, J.P.: Feature deduction and ensemble design of intrusion
detection systems. Computers & security 24(4), 295–307 (2005).
[15] Belouch, M., Elhadaj, S., Idhammad, M.: A hybrid filter-wrapper feature selection method for ddos
detection in cloud computing. Intelligent Data Analysis 22(6), 1209–1226 (2018).
[16] Chen, L.-F., Su, C.-T., Chen, K.-H.: An improved particle swarm optimization for feature selection.
Intelligent Data Analysis 16(2), 167–182 (2012).
[17] Serpen, G., Aghaei, E.: Host-based misuse intrusion detection using pca feature extraction and knn
classification algorithms. Intelligent Data Analysis 22(5), 1101–1114 (2018).
[18] De La Hoz, E., Ortiz, A., Ortega, J., De la Hoz, E.: Network anomaly classification by support vector
classifiers ensemble and non-linear projection techniques. In: International Conference on Hybrid
Artificial Intelligence Systems, pp. 103–111 (2013). Springer.
18. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
68
[19] Bamakan, S.M.H., Wang, H., Yingjie, T., Shi, Y.: An effective intrusion detection framework based
on MCLP/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199,
90–102 (2016).
[20] Singh, R., Kumar, H., Singla, R.: An intrusion detection system using network traffic profiling and
online sequential extreme learning machine. Expert Systems with Applications 42(22), 8609–8624
(2015).
[21] Alzubi, Q.M., Anbar, M., Alqattan, Z.N., Al-Betar, M.A., Abdullah, R.: Intrusion detection system
based on a modified binary grey wolf optimisation. Neural Computing and Applications, 1–13
(2019).
[22] Koduru, P., Das, S., Welch, S.M.: A particle swarm optimization-nelder mead hybrid algorithm for
balanced exploration and exploitation in multidimensional search space. In: Proceedings of the 2006
International Conference on Artificial Intelligence, pp. 457–464 (2006)
[23] Siddique, N., Adeli, H.: Nature inspired computing: an overview and some future directions.
Cognitive computation 7, 706–714 (2015).
[24] Ghosh, P., Karmakar, A., Sharma, J., Phadikar, S.: Cs-pso based intrusion detection system in cloud
environment. In: Emerging Technologies in Data Mining and Information Security, pp. 261–269.
Springer (2019)
[25] Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B.: Scikit-learn: Machine learning
in python. Journal of machine Learning research 12, 2825–2830 (2011)
[26] Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the kdd cup 99 data set. In:
2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–
6 (2009). IEEE
[27] Ghosh, P., Debnath, C., Metia, D., Dutta, R.: An efficient hybrid multilevel intrusion detection
system in cloud environment. IOSR Journal of Computer Engineering 16(4), 16–26 (2014).
[28] Yin, C., Zhu, Y., Liu, S., Fei, J., Zhang, H.: Enhancing network intrusion detection classifiers using
supervised adversarial training. The Journal of Supercomputing, 1–30 (2019).
[29] Protiḉ, D.D.: Review of kdd cup’99, nsl-kdd and kyoto 2006+ datasets. Vojnotehniˇcki glasnik 66(3),
580–596 (2018).
[30] Han, J., Pei, J., Kamber, M.: Data Mining: Concepts and Techniques, (2011).
[31] Yao, X., Liu, Y., Lin, G.: Evolutionary programming made faster. IEEE Transactions on
Evolutionary computation 3(2), 82–102 (1999).
[32] Digalakis, J.G., Margaritis, K.G.: On benchmarking functions for genetic algorithms. International
journal of computer mathematics 77(4), 481–506 (2000).
[33] Mirjalili, S., Lewis, A.: The whale optimization algorithm. Advances in engineering software 95, 51–
67 (2016).
[34] Kennedy, J., Eberhart, R.: Particle swarm optimization. In: Proceedings of ICNN’95-International
Conference on Neural Networks, vol. 4, pp. 1942–1948 (1995).
[35] Rashedi, E., Nezamabadi-Pour, H., Saryazdi, S.: Gsa: a gravitational search algorithm. Information
sciences 179(13), 2232–2248 (2009).
[36] Alpaydin, E.: Introduction to Machine Learning. MIT press (2020)
[37] Ghosh, P., Mandal, A.K., Kumar, R.: An efficient cloud network intrusion detection system. In:
Information Systems Design and Intelligent Applications, pp. 91–99. Springer (2015)
[38] Abd-Eldayem, M.M.: A proposed HTTP service based IDS. 15 (1), 13-24. ISSN 11108665 (2014).
[39] Kim, G., Lee, S., Kim, S.: A novel hybrid intrusion detection method integrating anomaly detection
with misuse detection. Expert Systems with Applications 41, 1690–1700 (2014).
[40] Gogoi, P., Bhuyan, M.H., Bhattacharyya, D., Kalita, J.K.: Packet and flow based network intrusion
dataset. In: International Conference on Contemporary Computing, pp. 322–334. Springer (2012).
19. International Journal of Computer Networks & Communications (IJCNC) Vol.16, No.1, January 2024
69
AUTHORS
Partha Ghosh achieved his Ph.D. degree in Computer Science & Engineering from
Maulana Abul Kalam Azad University of Technology (MAKAUT), West Bengal, India in
2023. He completed B.Sc. in Computer Science (Hons.), M.Sc. in Computer &
Information Science and M.Tech. in Computer Science & Engineering from University of
Calcutta in 1999, 2001 and 2003 respectively. He has been working as an Assistant
Professor at Netaji Subhash Engineering College, Kolkata, West Bengal, India since 2003.
His research interests are Cloud Computing, Machine Learning, Intrusion Detection
System, Optimization Technique, Feature Selection, Computer Networks and Security etc.
Joy Sharma completed his B.Tech. in Computer Science and Engineering from Netaji
Subhash Engineering College (affiliated to MAKAUT) in 2019. He is currently working
as Software Development Engineer II at Amazon Development Centre (India) Private. He
is interested to work in Data Mining, Machine Learning, Artificial Intelligence, Cloud
Computing.
Nilesh Pandey completed his B.Tech. in Information Technology from Netaji Subhash
Engineering College (affiliated to MAKAUT) in 2020. He is currently working as
Software Development Engineer II at Zinier. His areas of interests and experience include
Machine Learning, Cloud Computing and Web-based Applications. He has worked on
developing intelligent Intrusion Detection systems during his bachelor’s studies.