Detecting Network Anomalies using Rule-based machine learning within
SNMP-MIB dataset
- URL: http://arxiv.org/abs/2002.02368v1
- Date: Sat, 18 Jan 2020 13:05:41 GMT
- Authors: Abdalrahman Hwoij, Mouhammd Al-kasassbeh, Mustafa Al-Fayoumi
- Abstract summary: This paper developed a network traffic system that relies on an adopted dataset to differentiate the DOS attacks from normal traffic.
The detection model is built with five Rule-based machine learning classifiers (DecisionTable, JRip, OneR, PART and ZeroR).
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: One of the most effective threats that cybercriminals use to limit
network performance is the Denial of Service (DOS) attack. Thus, data security,
completeness and efficiency could be greatly damaged by this type of attack.
This paper developed a network traffic system that relies on an adopted dataset to
differentiate the DOS attacks from normal traffic. The detection model is built
with five Rule-based machine learning classifiers (DecisionTable, JRip, OneR,
PART and ZeroR). The findings have shown that the ICMP variables are
implemented in the identification of ICMP attack, HTTP flood attack, and
Slowloris at a high accuracy of approximately 99.7% using the PART classifier. In
addition, the PART classifier has succeeded in classifying normal traffic from
different DOS attacks at 100%.
Related papers
- Detecting Distributed Denial of Service Attacks Using Logistic Regression and SVM Methods [0.0]
The goal of this paper is to detect DDoS attacks from all service requests and classify them according to DDoS classes.
Two (2) different machine learning approaches, SVM and Logistic Regression, are implemented in the dataset for detecting and classifying DDoS attacks.
Logistic Regression and SVM both achieve 98.65% classification accuracy which is the highest achieved accuracy among other previous experiments with the same dataset.
arXiv Detail & Related papers (2024-11-21T13:15:26Z)
- A Transformer-Based Framework for Payload Malware Detection and Classification [0.0]
Techniques such as Deep Packet Inspection (DPI) have been introduced to allow IDSs to analyze the content of network packets.
In this paper, we propose a revolutionary DPI algorithm based on transformers adapted for the purpose of detecting malicious traffic.
arXiv Detail & Related papers (2024-03-27T03:25:45Z)
- Host-Based Network Intrusion Detection via Feature Flattening and Two-stage Collaborative Classifier [6.04077629908308]
A hybrid network intrusion detection system that combines NIDS and HIDS is proposed to improve intrusion detection performance.
A two-stage collaborative classifier is introduced that deploys two levels of ML algorithms to identify network intrusions.
The proposed method is shown to generalize across two well-known datasets, CICIDS 2018 and NDSec-1.
arXiv Detail & Related papers (2023-06-15T19:09:00Z)
- Versatile Weight Attack via Flipping Limited Bits [68.45224286690932]
We study a novel attack paradigm, which modifies model parameters in the deployment stage.
Considering the effectiveness and stealthiness goals, we provide a general formulation to perform the bit-flip based weight attack.
We present two cases of the general formulation with different malicious purposes, i.e., single sample attack (SSA) and triggered samples attack (TSA)
arXiv Detail & Related papers (2022-07-25T03:24:58Z)
- Early Detection of Network Attacks Using Deep Learning [0.0]
A network intrusion detection system (IDS) is a tool used for identifying unauthorized and malicious behavior by observing the network traffic.
We propose an end-to-end early intrusion detection system to prevent network attacks before they could cause any more damage to the system under attack.
arXiv Detail & Related papers (2022-01-27T16:35:37Z)
- TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z)
- Targeted Attack against Deep Neural Networks via Flipping Limited Weight Bits [55.740716446995805]
We study a novel attack paradigm, which modifies model parameters in the deployment stage for malicious purposes.
Our goal is to misclassify a specific sample into a target class without any sample modification.
By utilizing the latest technique in integer programming, we equivalently reformulate this BIP problem as a continuous optimization problem.
arXiv Detail & Related papers (2021-02-21T03:13:27Z)
- Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network [62.77129284830945]
We show that adversarial attacks can break DL-based power allocation in the downlink of a massive multiple-input-multiple-output (maMIMO) network.
We benchmark the performance of these attacks and show that with a small perturbation in the input of the neural network (NN), the white-box attacks can result in infeasible solutions up to 86%.
arXiv Detail & Related papers (2021-01-28T16:18:19Z)
- An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks [3.9236397589917127]
In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices.
As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems to cope with these attacks efficiently.
In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS
arXiv Detail & Related papers (2021-01-10T11:48:37Z)
- Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
Adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes.
We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks.
These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)
- Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models.
We propose a method to verify if a pre-trained model is Trojaned or benign.
Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
arXiv Detail & Related papers (2020-07-28T19:00:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.