基于KDD 99和NSL KDD数据在WEKA中的IDS分类综述

Gaurav Meena, R. Choudhary
{"title":"基于KDD 99和NSL KDD数据在WEKA中的IDS分类综述","authors":"Gaurav Meena, R. Choudhary","doi":"10.1109/COMPTELIX.2017.8004032","DOIUrl":null,"url":null,"abstract":"In the Area of Security, Intrusion Detection System (IDS) form an individual trailing and plays an essential role in information Security. As the usability of the internet among the users in a wide area is increasing day by day so as the importance of security and to keep the system aware of the malicious activities is also increasing. It has the following limitations on low detection rate, high false alarm rate and so on which is been indicated by the traditional Intrusion Detection System. A performance of the classifier is based on the necessity of the terms of its effectiveness, and it is also concerned with the number of features to be examined by the IDS should be improved. In this, J48 is been performed on the hybrid IDS and is applied using J48 Decision Tree algorithm, J48 Decision Tree is used for the feature selection and Naive Bayes Algorithm. Basically Intrusion detection systems (IDSs) is been used on the basis of two fundamental approaches first the recognition of anomalous activities as it generally occurs on the turns from usual or unusual behavior and second misuse detection by observing unauthorized “signatures” of those recognized malicious assaults and classification vulnerabilities. Anomaly or the anonymous (behavior-based) IDSs presume the difference of normal behavior beneath attacks and achieve abnormal activities evaluated and recognized with predefined system or user behavior reference model. The main focus of this survey is on WEKA (Waikato Environment for Knowledge Analysis) Tool and its various algorithms of classification used for detecting and analyzing the various intrusions. Lastly, In this survey, we lead to elaborate the mostly used dataset in information security research KDDCUP and NSL KDD and its various components.","PeriodicalId":6917,"journal":{"name":"2017 International Conference on Computer, Communications and Electronics (Comptelix)","volume":"26 1","pages":"553-558"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"75","resultStr":"{\"title\":\"A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA\",\"authors\":\"Gaurav Meena, R. Choudhary\",\"doi\":\"10.1109/COMPTELIX.2017.8004032\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the Area of Security, Intrusion Detection System (IDS) form an individual trailing and plays an essential role in information Security. As the usability of the internet among the users in a wide area is increasing day by day so as the importance of security and to keep the system aware of the malicious activities is also increasing. It has the following limitations on low detection rate, high false alarm rate and so on which is been indicated by the traditional Intrusion Detection System. A performance of the classifier is based on the necessity of the terms of its effectiveness, and it is also concerned with the number of features to be examined by the IDS should be improved. In this, J48 is been performed on the hybrid IDS and is applied using J48 Decision Tree algorithm, J48 Decision Tree is used for the feature selection and Naive Bayes Algorithm. Basically Intrusion detection systems (IDSs) is been used on the basis of two fundamental approaches first the recognition of anomalous activities as it generally occurs on the turns from usual or unusual behavior and second misuse detection by observing unauthorized “signatures” of those recognized malicious assaults and classification vulnerabilities. Anomaly or the anonymous (behavior-based) IDSs presume the difference of normal behavior beneath attacks and achieve abnormal activities evaluated and recognized with predefined system or user behavior reference model. The main focus of this survey is on WEKA (Waikato Environment for Knowledge Analysis) Tool and its various algorithms of classification used for detecting and analyzing the various intrusions. Lastly, In this survey, we lead to elaborate the mostly used dataset in information security research KDDCUP and NSL KDD and its various components.\",\"PeriodicalId\":6917,\"journal\":{\"name\":\"2017 International Conference on Computer, Communications and Electronics (Comptelix)\",\"volume\":\"26 1\",\"pages\":\"553-558\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"75\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference on Computer, Communications and Electronics (Comptelix)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COMPTELIX.2017.8004032\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Computer, Communications and Electronics (Comptelix)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPTELIX.2017.8004032","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 75

摘要

在安全领域,入侵检测系统(IDS)是一个独立的分支,在信息安全中起着至关重要的作用。随着互联网在广大用户中的可用性日益增加,安全的重要性和保持系统对恶意活动的意识也日益增加。传统的入侵检测系统存在检测率低、虚警率高等缺点。分类器的性能取决于其有效性的必要性,也与IDS要检查的特征的数量有关。其中,在混合IDS上进行J48,并使用J48决策树算法,J48决策树用于特征选择和朴素贝叶斯算法。基本上,入侵检测系统(ids)的使用基于两种基本方法:一是识别异常活动,因为它通常发生在正常或异常行为的转变中;二是通过观察被识别的恶意攻击和分类漏洞的未经授权的“签名”来进行误用检测。异常或匿名(基于行为的)ids假定攻击下正常行为的差异,通过预定义的系统或用户行为参考模型来评估和识别异常活动。本次调查的主要重点是WEKA (Waikato Environment for Knowledge Analysis)工具及其用于检测和分析各种入侵的各种分类算法。最后,在本调查中,我们详细阐述了信息安全研究中最常用的数据集KDDCUP和NSL KDD及其各个组成部分。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA
In the Area of Security, Intrusion Detection System (IDS) form an individual trailing and plays an essential role in information Security. As the usability of the internet among the users in a wide area is increasing day by day so as the importance of security and to keep the system aware of the malicious activities is also increasing. It has the following limitations on low detection rate, high false alarm rate and so on which is been indicated by the traditional Intrusion Detection System. A performance of the classifier is based on the necessity of the terms of its effectiveness, and it is also concerned with the number of features to be examined by the IDS should be improved. In this, J48 is been performed on the hybrid IDS and is applied using J48 Decision Tree algorithm, J48 Decision Tree is used for the feature selection and Naive Bayes Algorithm. Basically Intrusion detection systems (IDSs) is been used on the basis of two fundamental approaches first the recognition of anomalous activities as it generally occurs on the turns from usual or unusual behavior and second misuse detection by observing unauthorized “signatures” of those recognized malicious assaults and classification vulnerabilities. Anomaly or the anonymous (behavior-based) IDSs presume the difference of normal behavior beneath attacks and achieve abnormal activities evaluated and recognized with predefined system or user behavior reference model. The main focus of this survey is on WEKA (Waikato Environment for Knowledge Analysis) Tool and its various algorithms of classification used for detecting and analyzing the various intrusions. Lastly, In this survey, we lead to elaborate the mostly used dataset in information security research KDDCUP and NSL KDD and its various components.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Classification of mental tasks using S-transform based fractal features Gauge Theory and spontaneous breaking of symmetry in superconductors Stable type-2 fuzzy logic control of TCSC to improve damping of power systems An analysis on broadband SHG using TIR-QPM in a multi-tapered slab of ZnSe in mid-IR region Analytical study of SINR for OFDMA Uplink in presence of Transceiver Phase Noise
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1