Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is ope

This paper proposes a new methodology for improving network security by introducing an optimised hybrid intrusion detection system (IDS) framework solution as a middle layer between the end devices. It considers the difficulty of updating databases to uncover new threats that plague firewalls and detection systems, in addition to big data challenges. The proposed framework introduces a supervised network IDS based on a deep learning technique of convolutional neural networks (CNN) using the UNSW-NB15 dataset. It implements recursive feature elimination (RFE) with extreme gradient boosting (XGB) to reduce resource and time consumption. Additionally, it reduces bias toward

With the high usage of computers and networks in the current time, the amount of security threats is increased. The study of intrusion detection systems (IDS) has received much attention throughout the computer science field. The main objective of this study is to examine the existing literature on various approaches for Intrusion Detection. This paper presents an overview of different intrusion detection systems and a detailed analysis of multiple techniques for these systems, including their advantages and disadvantages. These techniques include artificial neural networks, bio-inspired computing, evolutionary techniques, machine learning, and pattern recognition.

Nowad ays, with the development of internet communication that provides many facilities to the user leads in turn to growing unauthorized access. As a result, intrusion detection system (IDS) becomes necessary to provide a high level of security for huge amount of information transferred in the network to protect them from threats. One of the main challenges for IDS is the high dimensionality of the feature space and how the relevant features to distinguish the normal network traffic from attack network are selected. In this paper, multi-objective evolutionary algorithm with decomposition (MOEA/D) and MOEA/D with the injection of a proposed local search operator are adopted to solve the Multi-objective optimization (MOO) followed by Naï

Intrusion-detection systems (IDSs) aim at detecting attacks against computer systems and networks or, in general, against information systems. Most of the diseases in human body are discovered through Deoxyribonucleic Acid (DNA) investigations. In this paper, the DNA sequence is utilized for intrusion detection by proposing an approach to detect attacks in network. The proposed approach is a misuse intrusion detection that consists of three stages. First, a DNA sequence for a network traffic taken from Knowledge Discovery and Data mining (KDD Cup 99) is generated. Then, Teiresias algorithm, which is used to detect sequences in human DNA and assist researchers in decoding the human genome, is used to discover the Shortest Tandem Repeat (S

Secure data communication across networks is always threatened with intrusion and abuse. Network Intrusion Detection System (IDS) is a valuable tool for in-depth defense of computer networks. Most research and applications in the field of intrusion detection systems was built based on analysing the several datasets that contain the attacks types using the classification of batch learning machine. The present study presents the intrusion detection system based on Data Stream Classification. Several data stream algorithms were applied on CICIDS2017 datasets which contain several new types of attacks. The results were evaluated to choose the best algorithm that satisfies high accuracy and low computation time.

Clustering algorithms have recently gained attention in the related literature since
they can help current intrusion detection systems in several aspects. This paper
proposes genetic algorithm (GA) based clustering, serving to distinguish patterns
incoming from network traffic packets into normal and attack. Two GA based
clustering models for solving intrusion detection problem are introduced. The first
model coined as handles numeric features of the network packet, whereas
the second one coined as concerns all features of the network packet.
Moreover, a new mutation operator directed for binary and symbolic features is
proposed. The basic concept of proposed mutation operator depends on the most
frequent value

Cybersecurity refers to the actions that are used by people and companies to protect themselves and their information from cyber threats. Different security methods have been proposed for detecting network abnormal behavior, but some effective attacks are still a major concern in the computer community. Many security gaps, like Denial of Service, spam, phishing, and other types of attacks, are reported daily, and the attack numbers are growing. Intrusion detection is a security protection method that is used to detect and report any abnormal traffic automatically that may affect network security, such as internal attacks, external attacks, and maloperations. This paper proposed an anomaly intrusion detection system method based on a

Cybersecurity refers to the actions that are used by people and companies to protect themselves and their information from cyber threats. Different security methods have been proposed for detecting network abnormal behavior, but some effective attacks are still a major concern in the computer community. Many security gaps, like Denial of Service, spam, phishing, and other types of attacks, are reported daily, and the attack numbers are growing. Intrusion detection is a security protection method that is used to detect and report any abnormal traffic automatically that may affect network security, such as internal attacks, external attacks, and maloperations. This paper proposed an anomaly intrusion detection system method based on a