Intrusion Detection in Computer Networks using Decision Tree and Feature Reduction
Journal of Electronical & Cyber Defence
Volume 9, Issue 3 - Serial Number 35, Azar 1400, Pages 99-108
Article type: Research article
Author
Aliakbar Tajari Siahmarzkooh*
Assistant Professor, Department of Computer Science, Golestan University, Gorgan, Iran
Received: 05 Azar 1399; Revised: 23 Esfand 1399; Accepted: 21 Farvardin 1400
Abstract
Today, the need for anomaly-based intrusion detection systems is felt more than before because of the emergence of new attacks and increasing Internet speeds. The main criterion for judging an intrusion detection system effective is that it detects attacks with high accuracy. Existing systems, besides being unable to cope with the growing number of attacks, also have high false-positive and false-negative rates. In this paper, the properties of the ID3 decision tree are used for anomaly-based intrusion detection systems. Two feature selection methods are also used to reduce the amount of data used for detection and classification. The KDD Cup99 dataset is used to evaluate the proposed algorithm. The experimental results show a detection accuracy of 99.89% for the DoS attack and an average accuracy of 94.65% for all attacks using the decision tree, which are better values than those of previous work.
Keywords
intrusion detection; decision tree; k-means clustering; DoS attack; KDD Cup99 dataset
Article title [English]
Intrusion Detection in Computer Networks using Decision Tree and Feature Reduction
Authors [English]
Aliakbar Tajari Siahmarzkooh
Assistant Professor, Department of Computer Science, Golestan University, Gorgan, Iran
Abstract [English]
Today, the need for anomaly-based intrusion detection systems is felt more than ever due to the emergence of new attacks and the increase in Internet speed. The main criterion for determining the validity of an efficient intrusion detection system is the detection of attacks with high accuracy. Besides being unable to manage the growing number of attacks, existing systems also have high false-positive and false-negative rates. This paper uses the features of the ID3 decision tree for anomaly-based intrusion detection systems. Two feature selection methods are also used to reduce the amount of data used for detection and categorization. The KDD Cup99 dataset was used to evaluate the proposed algorithm. The test results show a detection accuracy of 99.89% for the DoS attack and an average accuracy of 94.65% for all attacks using the decision tree, indicating better values than previous work.
Keywords [English]
intrusion detection, decision tree, k-means clustering, DoS attack, KDD Cup99 dataset