Machine Learning Methods for Enhanced Cyber Security Intrusion Detection System

Advances in Computing, Informatics, Networking and Cybersecurity

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 289))


Abstract

In the ever-changing world of information security, networks have expanded in scale and complexity to integrate a wide range of business functions, and intrusion threats have grown in both frequency and sophistication. Network administrators and vendors are now moving beyond conventional Intrusion Detection Systems (IDS), which only identify problems after they have occurred, towards a novel, constructive approach: the Artificial Intelligence (AI) based intrusion detection system. Conventional network IDS and firewalls are usually preconfigured to spot malicious network attacks, but today's attackers have become more sophisticated and can attempt to evade common detection rules. There are a few targeted areas in which AI will drive the most significant evolution of cybersecurity. To design a proactive defence mechanism, the system has to understand the threat intelligence relevant to the attacks currently targeting the organization. Blending Machine Learning (ML) with threat-intelligence-based solutions can revolutionize the landscape of the cyber security industry against all kinds of network attacks. ML is an application of AI in which a system is capable of learning from experience. Even in an era of extremely large volumes of data and a cybersecurity skills shortage, ML can aid in solving the most common tasks, including regression, prediction, and classification. In this chapter, the origin and evolution of IDS are described, followed by a classification of IDS. The chapter aims to provide a truly interactive learning experience that prepares researchers for the challenges of traditional IDS and the contributions of ML to IDS. This comprehensive review briefs the prominent current works and outlines the datasets frequently used for evaluation purposes. Moreover, the chapter also describes Collaborative Intrusion Detection, which enhances Big Data security. Finally, it presents IDS research issues and challenges, and the skills needed to survive and thrive in today's threat-ridden and target-rich cyber environment.



Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this chapter

Satheesh Kumar, M., Ben-Othman, J., Srinivasagan, K.G., Umarani, P. (2022). Machine Learning Methods for Enhanced Cyber Security Intrusion Detection System. In: Nicopolitidis, P., Misra, S., Yang, L.T., Zeigler, B., Ning, Z. (eds) Advances in Computing, Informatics, Networking and Cybersecurity. Lecture Notes in Networks and Systems, vol 289. Springer, Cham. https://doi.org/10.1007/978-3-030-87049-2_27
