Anouar Bachar, Noureddine El Makhfi, Omar El Bannay
Title: Towards a behavioral network intrusion detection system based on the SVM model
Published in: 2020 1st International Conference on Innovative Research in Applied Science, Engineering and Technology (IRASET)
Publication date: 2020-04-01
DOI: 10.1109/IRASET48871.2020.9092094 (https://doi.org/10.1109/IRASET48871.2020.9092094)
Citations: 9
Abstract
A behavioral IDS (Intrusion Detection System) is an effective tool for the detection of computer network intrusions, especially the most recent ones. However, the behavioral IDS have a very high false alarm rate compared to traditional IDS that use a signature base for each intrusion. In this paper, we propose an original method of network intrusion detection using machine learning techniques. Our method is based on a behavioral IDS capable of identifying new attacks without using a signature database. We use the SVM (Support Vector Machine) classification model with two cores (Polynomial and Gaussian). This model is trained and tested with the UNSW-NB15 dataset. We have obtained interesting results in terms of detection rate (DR) in comparison with other classification models (ANN, RepTree, Random Forest, MLP).