Network Security Enhanced with Deep Neural Network-Based Intrusion Detection System

This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.

Cluster DetectionMethod of Endogenous Security Abnormal Attack Behavior in Air Traffic Control Network

In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set for ATC cybersecurity attacks is constructed by setting the feature states,adding recursive features,and determining the feature criticality.The expected information gain and entropy of the feature data are computed to determine the information gain of the feature data and reduce the interference of similar feature data.An autoencoder is introduced into the AI(artificial intelligence)algorithm to encode and decode the characteristics of ATC network security attack behavior to reduce the dimensionality of the ATC network security attack behavior data.Based on the above processing,an unsupervised learning algorithm for clustering detection of ATC network security attacks is designed.First,determine the distance between the clustering clusters of ATC network security attack behavior characteristics,calculate the clustering threshold,and construct the initial clustering center.Then,the new average value of all feature objects in each cluster is recalculated as the new cluster center.Second,it traverses all objects in a cluster of ATC network security attack behavior feature data.Finally,the cluster detection of ATC network security attack behavior is completed by the computation of objective functions.The experiment took three groups of experimental attack behavior data sets as the test object,and took the detection rate,false detection rate and recall rate as the test indicators,and selected three similar methods for comparative test.The experimental results show that the detection rate of this method is about 98%,the false positive rate is below 1%,and the recall rate is above 97%.Research shows that this method can improve the detection performance of security attacks in air traffic control network.

Machine Learning Models for Heterogenous Network Security Anomaly Detection

The increasing amount and intricacy of network traffic in the modern digital era have worsened the difficulty of identifying abnormal behaviours that may indicate potential security breaches or operational interruptions. Conventional detection approaches face challenges in keeping up with the ever-changing strategies of cyber-attacks, resulting in heightened susceptibility and significant harm to network infrastructures. In order to tackle this urgent issue, this project focused on developing an effective anomaly detection system that utilizes Machine Learning technology. The suggested model utilizes contemporary machine learning algorithms and frameworks to autonomously detect deviations from typical network behaviour. It promptly identifies anomalous activities that may indicate security breaches or performance difficulties. The solution entails a multi-faceted approach encompassing data collection, preprocessing, feature engineering, model training, and evaluation. By utilizing machine learning methods, the model is trained on a wide range of datasets that include both regular and abnormal network traffic patterns. This training ensures that the model can adapt to numerous scenarios. The main priority is to ensure that the system is functional and efficient, with a particular emphasis on reducing false positives to avoid unwanted alerts. Additionally, efforts are directed on improving anomaly detection accuracy so that the model can consistently distinguish between potentially harmful and benign activity. This project aims to greatly strengthen network security by addressing emerging cyber threats and improving their resilience and reliability.

A Security Trade-Off Scheme of Anomaly Detection System in IoT to Defend against Data-Tampering Attacks

Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.

An Efficient Cyber Security and Intrusion Detection System Using CRSR with PXORP-ECC and LTH-CNN

Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack the required level of security to prevent sophisticated attacks.This problem can result in the system being vulnerable to attacks,which can lead to the loss of sensitive data and potential system failure.Therefore,this paper proposes an Intrusion Detection System using Logistic Tanh-based Convolutional Neural Network Classification(LTH-CNN).Here,the Correlation Coefficient based Mayfly Optimization(CC-MA)algorithm is used to extract the input characteristics for the IDS from the input data.Then,the optimized features are utilized by the LTH-CNN,which returns the attacked and non-attacked data.After that,the attacked data is stored in the log file and non-attacked data is mapped to the cyber security and data security phases.To prevent the system from cyber-attack,the Source and Destination IP address is converted into a complex binary format named 1’s Complement Reverse Shift Right(CRSR),where,in the data security phase the sensed data is converted into an encrypted format using Senders Public key Exclusive OR Receivers Public Key-Elliptic Curve Cryptography(PXORP-ECC)Algorithm to improve the data security.TheNetwork Security Laboratory-Knowledge Discovery inDatabases(NSLKDD)dataset and real-time sensor are used to train and evaluate the proposed LTH-CNN.The suggested model is evaluated based on accuracy,sensitivity,and specificity,which outperformed the existing IDS methods,according to the results of the experiments.

A Review of Generative Adversarial Networks for Intrusion Detection Systems: Advances, Challenges, and Future Directions

The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.

Intrusion Detection Model Using Chaotic MAP for Network Coding Enabled Mobile Small Cells

Wireless Network security management is difficult because of the ever-increasing number of wireless network malfunctions,vulnerabilities,and assaults.Complex security systems,such as Intrusion Detection Systems(IDS),are essential due to the limitations of simpler security measures,such as cryptography and firewalls.Due to their compact nature and low energy reserves,wireless networks present a significant challenge for security procedures.The features of small cells can cause threats to the network.Network Coding(NC)enabled small cells are vulnerable to various types of attacks.Avoiding attacks and performing secure“peer”to“peer”data transmission is a challenging task in small cells.Due to the low power and memory requirements of the proposed model,it is well suited to use with constrained small cells.An attacker cannot change the contents of data and generate a new Hashed Homomorphic Message Authentication Code(HHMAC)hash between transmissions since the HMAC function is generated using the shared secret.In this research,a chaotic sequence mapping based low overhead 1D Improved Logistic Map is used to secure“peer”to“peer”data transmission model using lightweight H-MAC(1D-LM-P2P-LHHMAC)is proposed with accurate intrusion detection.The proposed model is evaluated with the traditional models by considering various evaluation metrics like Vector Set Generation Accuracy Levels,Key Pair Generation Time Levels,Chaotic Map Accuracy Levels,Intrusion Detection Accuracy Levels,and the results represent that the proposed model performance in chaotic map accuracy level is 98%and intrusion detection is 98.2%.The proposed model is compared with the traditional models and the results represent that the proposed model secure data transmission levels are high.

Network Intrusion Detection and Visualization Using Aggregations in a Cyber Security Data Warehouse

The challenge of achieving situational understanding is a limiting factor in effective, timely, and adaptive cyber-security analysis. Anomaly detection fills a critical role in network assessment and trend analysis, both of which underlie the establishment of comprehensive situational understanding. To that end, we propose a cyber security data warehouse implemented as a hierarchical graph of aggregations that captures anomalies at multiple scales. Each node of our proposed graph is a summarization table of cyber event aggregations, and the edges are aggregation operators. The cyber security data warehouse enables domain experts to quickly traverse a multi-scale aggregation space systematically. We describe the architecture of a test bed system and a summary of results on the IEEE VAST 2012 Cyber Forensics data.

A Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System

In recent years,cybersecurity has attracted significant interest due to the rapid growth of the Internet of Things(IoT)and the widespread development of computer infrastructure and systems.It is thus becoming particularly necessary to identify cyber-attacks or irregularities in the system and develop an efficient intrusion detection framework that is integral to security.Researchers have worked on developing intrusion detection models that depend on machine learning(ML)methods to address these security problems.An intelligent intrusion detection device powered by data can exploit artificial intelligence(AI),and especially ML,techniques.Accordingly,we propose in this article an intrusion detection model based on a Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System(RTS-DELM-CSIDS)security model.The proposed model initially determines the rating of security aspects contributing to their significance and then develops a comprehensive intrusion detection framework focused on the essential characteristics.Furthermore,we investigated the feasibility of our proposed RTS-DELM-CSIDS framework by performing dataset evaluations and calculating accuracy parameters to validate.The experimental findings demonstrate that the RTS-DELM-CSIDS framework outperforms conventional algorithms.Furthermore,the proposed approach has not only research significance but also practical significance.

Optimal Fuzzy Logic Enabled Intrusion Detection for Secure IoT-Cloud Environment

Recently,Internet of Things(IoT)devices have developed at a faster rate and utilization of devices gets considerably increased in day to day lives.Despite the benefits of IoT devices,security issues remain challenging owing to the fact that most devices do not include memory and computing resources essential for satisfactory security operation.Consequently,IoT devices are vulnerable to different kinds of attacks.A single attack on networking system/device could result in considerable data to data security and privacy.But the emergence of artificial intelligence(AI)techniques can be exploited for attack detection and classification in the IoT environment.In this view,this paper presents novel metaheuristics feature selection with fuzzy logic enabled intrusion detection system(MFSFL-IDS)in the IoT environment.The presented MFSFL-IDS approach purposes for recognizing the existence of intrusions and accomplish security in the IoT environment.To achieve this,the MFSFL-IDS model employs data pre-processing to transform the data into useful format.Besides,henry gas solubility optimization(HGSO)algorithm is applied as a feature selection approach to derive useful feature vectors.Moreover,adaptive neuro fuzzy inference system(ANFIS)technique was utilized for the recognition and classification of intrusions in the network.Finally,binary bat algorithm(BBA)is exploited for adjusting parameters involved in the ANFIS model.A comprehensive experimental validation of the MFSFL-IDS model is carried out using benchmark dataset and the outcomes are assessed under distinct aspects.The experimentation outcomes highlighted the superior performance of the MFSFL-IDS model over recentapproaches with maximum accuracy of 99.80%.

An Enhanced Intelligent Intrusion Detection System to Secure E-Commerce Communication Systems

Information and communication technologies are spreading rapidly due to their fast proliferation in many fields.The number of Internet users has led to a spike in cyber-attack incidents.E-commerce applications,such as online banking,marketing,trading,and other online businesses,play an integral role in our lives.Network Intrusion Detection System(NIDS)is essential to protect the network from unauthorized access and against other cyber-attacks.The existing NIDS systems are based on the Backward Oracle Matching(BOM)algorithm,which minimizes the false alarm rate and causes of high packet drop ratio.This paper discussed the existing NIDS systems and different used pattern-matching techniques regarding their weaknesses and limitations.To address the existing system issues,this paper proposes an enhanced version of the BOM algorithm by using multiple pattern-matching methods for the NIDS system to improve the network performance.The proposed solution is tested in simulation with existing solutions using the Snort and NSL-KDD datasets.The experimental results indicated that the proposed solution performed better than the existing solutions and achieved a 5.17%detection rate and a 0.22%lower false alarm rate than the existing solution.

CNN Channel Attention Intrusion Detection SystemUsing NSL-KDD Dataset

Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.

ResNeSt-biGRU: An Intrusion Detection Model Based on Internet of Things

The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device hascaught the attention of cyber hackers, as it provides them with expanded avenues to access valuable data. Thishas resulted in a myriad of security challenges, including information leakage, malware propagation, and financialloss, among others. Consequently, developing an intrusion detection system to identify both active and potentialintrusion traffic in IoT networks is of paramount importance. In this paper, we propose ResNeSt-biGRU, a practicalintrusion detection model that combines the strengths of ResNeSt, a variant of Residual Neural Network, andbidirectionalGated RecurrentUnitNetwork (biGRU).Our ResNeSt-biGRUframework diverges fromconventionalintrusion detection systems (IDS) by employing this dual-layeredmechanism that exploits the temporal continuityand spatial feature within network data streams, a methodological innovation that enhances detection accuracy.In conjunction with this, we introduce the PreIoT dataset, a compilation of prevalent IoT network behaviors, totrain and evaluate IDSmodels with a focus on identifying potential intrusion traffics. The effectiveness of proposedscheme is demonstrated through testing, wherein it achieved an average accuracy of 99.90% on theN-BaIoT datasetas well as on the PreIoT dataset and 94.45% on UNSW-NB15 dataset. The outcomes of this research reveal thepotential of ResNeSt-biGRU to bolster security measures, diminish intrusion-related vulnerabilities, and preservethe overall security of IoT ecosystems.

MUS Model:A Deep Learning-Based Architecture for IoT Intrusion Detection

In the face of the effective popularity of the Internet of Things(IoT),but the frequent occurrence of cybersecurity incidents,various cybersecurity protection means have been proposed and applied.Among them,Intrusion Detection System(IDS)has been proven to be stable and efficient.However,traditional intrusion detection methods have shortcomings such as lowdetection accuracy and inability to effectively identifymalicious attacks.To address the above problems,this paper fully considers the superiority of deep learning models in processing highdimensional data,and reasonable data type conversion methods can extract deep features and detect classification using advanced computer vision techniques to improve classification accuracy.TheMarkov TransformField(MTF)method is used to convert 1Dnetwork traffic data into 2D images,and then the converted 2D images are filtered by UnsharpMasking to enhance the image details by sharpening;to further improve the accuracy of data classification and detection,unlike using the existing high-performance baseline image classification models,a soft-voting integrated model,which integrates three deep learning models,MobileNet,VGGNet and ResNet,to finally obtain an effective IoT intrusion detection architecture:the MUS model.Four types of experiments are conducted on the publicly available intrusion detection dataset CICIDS2018 and the IoT network traffic dataset N_BaIoT,and the results demonstrate that the accuracy of attack traffic detection is greatly improved,which is not only applicable to the IoT intrusion detection environment,but also to different types of attacks and different network environments,which confirms the effectiveness of the work done.

Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network

Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.

Chaotic Metaheuristics with Multi-Spiking Neural Network Based Cloud Intrusion Detection

Cloud Computing(CC)provides data storage options as well as computing services to its users through the Internet.On the other hand,cloud users are concerned about security and privacy issues due to the increased number of cyberattacks.Data protection has become an important issue since the users’information gets exposed to third parties.Computer networks are exposed to different types of attacks which have extensively grown in addition to the novel intrusion methods and hacking tools.Intrusion Detection Systems(IDSs)can be used in a network to manage suspicious activities.These IDSs monitor the activities of the CC environment and decide whether an activity is legitimate(normal)or malicious(intrusive)based on the established system’s confidentiality,availability and integrity of the data sources.In the current study,a Chaotic Metaheuristics with Optimal Multi-Spiking Neural Network-based Intrusion Detection(CMOMSNN-ID)model is proposed to secure the cloud environment.The presented CMOMSNNID model involves the Chaotic Artificial Bee Colony Optimization-based Feature Selection(CABC-FS)technique to reduce the curse of dimensionality.In addition,the Multi-Spiking Neural Network(MSNN)classifier is also used based on the simulation of brain functioning.It is applied to resolve pattern classification problems.In order to fine-tune the parameters relevant to theMSNN model,theWhale Optimization Algorithm(WOA)is employed to boost the classification results.To demonstrate the superiority of the proposed CMOMSNN-ID model,a useful set of simulations was performed.The simulation outcomes inferred that the proposed CMOMSNN-ID model accomplished a superior performance over other models with a maximum accuracy of 99.20%.

Optimal Wavelet Neural Network-Based Intrusion Detection in Internet of Things Environment

As the Internet of Things(IoT)endures to develop,a huge count of data has been created.An IoT platform is rather sensitive to security challenges as individual data can be leaked,or sensor data could be used to cause accidents.As typical intrusion detection system(IDS)studies can be frequently designed for working well on databases,it can be unknown if they intend to work well in altering network environments.Machine learning(ML)techniques are depicted to have a higher capacity at assisting mitigate an attack on IoT device and another edge system with reasonable accuracy.This article introduces a new Bird Swarm Algorithm with Wavelet Neural Network for Intrusion Detection(BSAWNN-ID)in the IoT platform.The main intention of the BSAWNN-ID algorithm lies in detecting and classifying intrusions in the IoT platform.The BSAWNN-ID technique primarily designs a feature subset selection using the coyote optimization algorithm(FSS-COA)to attain this.Next,to detect intrusions,the WNN model is utilized.At last,theWNNparameters are optimally modified by the use of BSA.Awidespread experiment is performed to depict the better performance of the BSAWNNID technique.The resultant values indicated the better performance of the BSAWNN-ID technique over other models,with an accuracy of 99.64%on the UNSW-NB15 dataset.

Blockchain: Secured Solution for Signature Transfer in Distributed Intrusion Detection System

Exchange of data in networks necessitates provision of security and confidentiality.Most networks compromised by intruders are those where the exchange of data is at high risk.The main objective of this paper is to present a solution for secure exchange of attack signatures between the nodes of a distributed network.Malicious activities are monitored and detected by the Intrusion Detection System(IDS)that operates with nodes connected to a distributed network.The IDS operates in two phases,where the first phase consists of detection of anomaly attacks using an ensemble of classifiers such as Random forest,Convolutional neural network,and XGBoost along with genetic algorithm to improve the performance of IDS.The novel attacks detected in this phase are converted into signatures and exchanged further through the network using the blockchain framework in the second phase.This phase uses the cryptosystem as part of the blockchain to store data and secure it at a higher level.The blockchain is implemented using the Hyperledger Fabric v1.0 and v2.0,to create a prototype for secure signature transfer.It exchanges signatures in a much more secured manner using the blockchain architecture when implemented with version 2.0 of Hyperl-edger Fabric.The performance of the proposed blockchain system is evaluated on UNSW NB15 dataset.Blockchain performance has been evaluated in terms of execution time,average latency,throughput and transaction processing time.Experimental evidence of the proposed IDS system demonstrates improved performance with accuracy,detection rate and false alarm rate(FAR)as key parameters used.Accuracy and detection rate increase by 2%and 3%respectively whereas FAR reduces by 1.7%.

Machine Learning Techniques for Intrusion Detection Systems in SDN-Recent Advances,Challenges and Future Directions

Software-Defined Networking(SDN)enables flexibility in developing security tools that can effectively and efficiently analyze and detect malicious network traffic for detecting intrusions.Recently Machine Learning(ML)techniques have attracted lots of attention from researchers and industry for developing intrusion detection systems(IDSs)considering logically centralized control and global view of the network provided by SDN.Many IDSs have developed using advances in machine learning and deep learning.This study presents a comprehensive review of recent work ofML-based IDS in context to SDN.It presents a comprehensive study of the existing review papers in the field.It is followed by introducing intrusion detection,ML techniques and their types.Specifically,we present a systematic study of recent works,discuss ongoing research challenges for effective implementation of ML-based intrusion detection in SDN,and promising future works in this field.