{"title":"利用新型混合入侵检测系统提高性能","authors":"Candra Supriadi, Charli Sitinjak, Fujiama Diapoldo Silalahi, Nia Dharma Pertiwi, Sigit Umar Anggono","doi":"10.51903/jmi.v1i1.134","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.","PeriodicalId":1,"journal":{"name":"Accounts of Chemical Research","volume":null,"pages":null},"PeriodicalIF":16.4000,"publicationDate":"2022-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhancing Performance Using New Hybrid Intrusion Detection System\",\"authors\":\"Candra Supriadi, Charli Sitinjak, Fujiama Diapoldo Silalahi, Nia Dharma Pertiwi, Sigit Umar Anggono\",\"doi\":\"10.51903/jmi.v1i1.134\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.\",\"PeriodicalId\":1,\"journal\":{\"name\":\"Accounts of Chemical Research\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":16.4000,\"publicationDate\":\"2022-07-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Accounts of Chemical Research\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.51903/jmi.v1i1.134\",\"RegionNum\":1,\"RegionCategory\":\"化学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"CHEMISTRY, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Accounts of Chemical Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.51903/jmi.v1i1.134","RegionNum":1,"RegionCategory":"化学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"CHEMISTRY, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0
摘要
入侵检测系统(IDS)是针对网络攻击和主机攻击的有效防御,因为它们允许网络/主机管理员检测任何违反策略的行为。然而,对于新的恶意攻击和真正的攻击,传统的IDS是脆弱和不可靠的。在另一种情况下,分析可能性日志等大量数据也是低效的。此外,对于典型的操作系统,存在大量的假阳性和假阴性。为了提高入侵检测的质量和效果,有很多技术可以采用,其中数据挖掘技术就是从大量具有噪声和随机性的数据中挖掘有用信息的重要技术之一。本研究的目的是将三种数据挖掘技术结合起来,以减少入侵检测系统的开销,提高系统的效率。本研究提出了聚类(Hierarchical)与两类(C5, CHAID)相结合的方法。根据KDD'99标准数据集(知识发现和数据挖掘)对所设计的入侵检测系统进行了评估,该标准数据集用于评估入侵检测系统的有效性。建议的系统可以检测入侵并将其分为四类:probe、DoS、U2R (User to Root)和R2L (Remote to Local)。本研究的结果是IDS在准确性和效率方面具有良好的性能。
Enhancing Performance Using New Hybrid Intrusion Detection System
Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.
期刊介绍:
Accounts of Chemical Research presents short, concise and critical articles offering easy-to-read overviews of basic research and applications in all areas of chemistry and biochemistry. These short reviews focus on research from the author’s own laboratory and are designed to teach the reader about a research project. In addition, Accounts of Chemical Research publishes commentaries that give an informed opinion on a current research problem. Special Issues online are devoted to a single topic of unusual activity and significance.
Accounts of Chemical Research replaces the traditional article abstract with an article "Conspectus." These entries synopsize the research affording the reader a closer look at the content and significance of an article. Through this provision of a more detailed description of the article contents, the Conspectus enhances the article's discoverability by search engines and the exposure for the research.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
