In recent years, the world has witnessed a rapid growth in attacks on the internet, which has resulted in deficiencies in network performance. The growth was in both the quantity and the versatility of the attacks. To cope with this, new detection techniques are required, especially ones that use Artificial Intelligence techniques such as machine-learning-based intrusion detection and prevention systems. Many machine learning models are used for intrusion detection, and each has its own pros and cons. This is where this paper fits in: a performance analysis of different machine learning models for intrusion detection systems based on supervised machine learning algorithms. Using the Python Scikit-Learn library, KNN, Support Vector Machine, Naïve Bayes, Decision Tree, Random Forest, Stochastic Gradient Descent, Gradient Boosting and Ada Boosting classifiers were designed. A performance analysis using the confusion matrix metric was carried out, and the classifiers were compared. As a case study, Information Gain, Pearson and F-test feature selection techniques were used, and the obtained results were compared to models that use all the features. One unique outcome is that the Random Forest classifier achieves the best performance, with an accuracy of 99.96% and an error margin of 0.038%, which surpasses the other classifiers. Using an 80% reduction in features and extracting parameters from the packet header rather than the workload, a big performance advantage is achieved, especially in online environments.
Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large volumes of network traffic and identifying the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the detection system can overcome these problems. Feature selection finds the most relevant features, thus reducing the dimensionality and complexity of analyzing the network traffic. Moreover, using the most relevant features to build the predictive model reduces the complexity of the developed model, thus reducing the time needed to build the classifier model and consequently improving the detection performance. In this study, two different sets of select
Passive optical network (PON) is a point-to-multipoint, bidirectional, high-rate optical network for data communication. Different PON standards are being implemented. The first PON was ATM PON (APON), which evolved into Broadband PON (BPON). The two major types are Ethernet PON (EPON) and Gigabit passive optical network (GPON). PON with these different standards is called xPON. To achieve efficient performance for the last two PON standards, some important issues must be considered. In our work we integrate a network with different queuing models such as the M/M/1 and M/M/m models. After analyzing IPACT as a DBA scheme for this integrated network, we modulate cycle time, traffic load, throughput, utilization and overall delay
Face detection systems are based on the assumption that each individual has a unique face structure and that computerized face matching is possible using facial symmetry. Face recognition technology has been employed for security purposes in many organizations and businesses throughout the world. This research examines the classifications in machine learning approaches using feature extraction for the facial image detection system. Due to its high level of accuracy and speed, the Viola-Jones method is utilized for facial detection using the MUCT database. The LDA feature extraction method is applied as input to three machine learning algorithms, which are the J48, OneR, and JRip classifiers. The experiment’s
HM Al-Dabbas, RA Azeez, AE Ali, Iraqi Journal of Science, 2023
Botnet detection is a challenging problem in numerous fields such as order, cybersecurity, law, finance, healthcare, and so on. A botnet is a group of cooperating Internet-connected devices controlled by cyber criminals to launch coordinated attacks and carry out various malicious activities. While botnets adapt dynamically to the countermeasures offered by both network-based and host-based detection techniques, conventional techniques fail to provide sufficient protection against botnet threats. Thus, machine learning approaches have been developed for detecting and classifying botnets for cybersecurity. This article presents a novel dragonfly algorithm with multi-class support vector machines enabled botnet
Smishing is a cybercriminal attack targeting mobile devices through a Short Message Service (SMS) message that contains a malicious link, phone number, or email. The attacker intends to use this message to steal the victim's sensitive information, such as passwords, bank account details, and credit card details. One method of combating smishing is to raise awareness and educate users about the various tactics used by SMS phishers. Even so, this method has been criticized as inefficient because smishing tactics are continually evolving. A more promising anti-smishing method is to use machine learning. This paper introduces a number of machine learning algorithms that can be used for detecting smishing. Furthermore, the differences and simil
Background: Machine learning relies on a hybrid of analytics, including regression analyses. There have been no attempts to deploy a sinusoidal transformation of data to enhance linear regression models.
Objectives: We aim to optimize linear models by implementing sinusoidal transformation to minimize the sum of squared error.
Methods: We implemented non-Bayesian statistics using SPSS and MATLAB. We used Excel to generate 30 trials of linear regression models, each with 1,000 observations. We utilized SPSS linear regression, the Wilcoxon signed-rank test, and Cronbach’s alpha statistics to evaluate the performance of the optimization model.
Results: The sinusoidal
This paper proposes a new methodology for improving network security by introducing an optimised hybrid intrusion detection system (IDS) framework solution as a middle layer between the end devices. It considers the difficulty of updating databases to uncover new threats that plague firewalls and detection systems, in addition to big data challenges. The proposed framework introduces a supervised network IDS based on a deep learning technique of convolutional neural networks (CNN) using the UNSW-NB15 dataset. It implements recursive feature elimination (RFE) with extreme gradient boosting (XGB) to reduce resource and time consumption. Additionally, it reduces bias toward