DeepAI AI Chat
Log In Sign Up

A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System

by   Zong-Zhi Lin, et al.
United States Military Academy

Network intrusion detection systems (NIDS) to detect malicious attacks continues to meet challenges. NIDS are vulnerable to auto-generated port scan infiltration attempts and NIDS are often developed offline, resulting in a time lag to prevent the spread of infiltration to other parts of a network. To address these challenges, we use hypergraphs to capture evolving patterns of port scan attacks via the set of internet protocol addresses and destination ports, thereby deriving a set of hypergraph-based metrics to train a robust and resilient ensemble machine learning (ML) NIDS that effectively monitors and detects port scanning activities and adversarial intrusions while evolving intelligently in real-time. Through the combination of (1) intrusion examples, (2) NIDS update rules, (3) attack threshold choices to trigger NIDS retraining requests, and (4) production environment with no prior knowledge of the nature of network traffic 40 scenarios were auto-generated to evaluate the ML ensemble NIDS comprising three tree-based models. Results show that under the model settings of an Update-ALL-NIDS rule (namely, retrain and update all the three models upon the same NIDS retraining request) the proposed ML ensemble NIDS produced the best results with nearly 100 simulation, exhibiting robustness in the complex dynamics of the simulated cyber-security scenario.


Pelican: A Deep Residual Network for Network Intrusion Detection

One challenge for building a secure network communication environment is...

GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection

Machine Learning (ML) has proven to be effective in many application dom...

Anomaly-Based Intrusion Detection by Machine Learning: A Case Study on Probing Attacks to an Institutional Network

Cyber attacks constitute a significant threat to organizations with impl...

NetSentry: A Deep Learning Approach to Detecting Incipient Large-scale Network Attacks

Machine Learning (ML) techniques are increasingly adopted to tackle ever...

Zero-shot learning approach to adaptive Cybersecurity using Explainable AI

Cybersecurity is a domain where there is constant change in patterns of ...

Extending Signature-based Intrusion Detection Systems WithBayesian Abductive Reasoning

Evolving cybersecurity threats are a persistent challenge for systemadmi...

Robustness of ML-Enhanced IDS to Stealthy Adversaries

Intrusion Detection Systems (IDS) enhanced with Machine Learning (ML) ha...