Log In Sign Up

Anomaly-Based Intrusion Detection by Machine Learning: A Case Study on Probing Attacks to an Institutional Network

by   Emrah Tufan, et al.

Cyber attacks constitute a significant threat to organizations with implications ranging from economic, reputational, and legal consequences. As cybercriminals' techniques get sophisticated, information security professionals face a more significant challenge to protecting information systems. In today's interconnected realm of computer systems, each attack vector has a network dimension. The present study investigates network intrusion attempts with anomaly-based machine learning models to provide better protection than the conventional misuse-based models. Two models, namely an ensemble learning model and a convolutional neural network model, were built and implemented on a data set gathered from a real-life, institutional production environment. To demonstrate the models' reliability and validity, they were applied to the UNSW-NB15 benchmarking data set. The type of attack was limited to probing attacks to keep the scope of the study manageable. The findings revealed high accuracy rates, the CNN model being slightly more accurate.


page 3

page 4

page 5

page 9

page 11

page 12

page 14

page 15


Learning to Detect: A Data-driven Approach for Network Intrusion Detection

With massive data being generated daily and the ever-increasing intercon...

A Hybrid Deep Learning Anomaly Detection Framework for Intrusion Detection

Cyber intrusion attacks that compromise the users' critical and sensitiv...

A Dependable Hybrid Machine Learning Model for Network Intrusion Detection

Network intrusion detection systems (NIDSs) play an important role in co...

A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System

Network intrusion detection systems (NIDS) to detect malicious attacks c...

Near Real-time Learning and Extraction of Attack Models from Intrusion Alerts

Critical and sophisticated cyberattacks often take multitudes of reconna...

Use Dimensionality Reduction and SVM Methods to Increase the Penetration Rate of Computer Networks

In the world today computer networks have a very important position and ...

A Novel Approach for Network Attack Classification Based on Sequential Questions

With the development of incipient technologies, user devices becoming mo...