Abstract
In the ever-changing world of information security, networks have expanded in scale and complexity and now integrate a wide range of business functions, while intrusion threats have grown in both frequency and sophistication. Network administrators and vendors are moving beyond conventional Intrusion Detection Systems (IDS), which only identify problems after they have occurred, to a novel, constructive approach termed Artificial Intelligence (AI) based intrusion detection. Conventional network IDS and firewalls are usually preconfigured to spot malicious network attacks. Nowadays attackers have become more sophisticated and try to evade common detection rules. There are a few targeted areas in which AI will deliver the most significant evolution for cybersecurity. To design a proactive defence mechanism, the system has to understand the intelligence about the threats currently targeting the organization. Blending Machine Learning (ML) with threat-intelligence-based solutions can revolutionize the cybersecurity landscape against all kinds of network attacks. Machine Learning is an application of AI in which a system is capable of learning from experience. Even in an era of extremely large volumes of data and a shortage of cybersecurity skills, ML can aid in solving the most common tasks, including regression, prediction, and classification. In this chapter, the origin and evolution of IDS are described, followed by the classification of IDS. The chapter provides a truly interactive learning experience to help prepare researchers for the challenges in traditional IDS and the contributions of ML to IDS. This comprehensive review briefs the prominent current works and outlines the datasets frequently used for evaluation. Moreover, the chapter also describes Collaborative Intrusion Detection, which enhances Big Data security.
Finally, it presents the IDS research issues and challenges, and the skills needed to survive and thrive in today's threat-ridden and target-rich cyber environment.
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this chapter
Satheesh Kumar, M., Ben-Othman, J., Srinivasagan, K.G., Umarani, P. (2022). Machine Learning Methods for Enhanced Cyber Security Intrusion Detection System. In: Nicopolitidis, P., Misra, S., Yang, L.T., Zeigler, B., Ning, Z. (eds) Advances in Computing, Informatics, Networking and Cybersecurity. Lecture Notes in Networks and Systems, vol 289. Springer, Cham. https://doi.org/10.1007/978-3-030-87049-2_27
DOI: https://doi.org/10.1007/978-3-030-87049-2_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-87048-5
Online ISBN: 978-3-030-87049-2
eBook Packages: Intelligent Technologies and Robotics (R0)