Sequential Binary Classification for Intrusion Detection in Software Defined Networks
- URL: http://arxiv.org/abs/2406.06099v1
- Date: Mon, 10 Jun 2024 08:34:13 GMT
- Title: Sequential Binary Classification for Intrusion Detection in Software Defined Networks
- Authors: Ishan Chokshi, Shrihari Vasudevan, Nachiappan Sundaram, Raaghul Ranganathan,
- Abstract summary: Intrusion Detection Systems (IDS) are a pivotal part of Software-Defined Networks (SDN).
IDS datasets suffer from high class imbalance, which impacts the performance of standard Machine Learning (ML) models.
We propose Sequential Binary Classification (SBC) - an algorithm for multi-class classification to address this issue.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Software-Defined Networks (SDN) are the standard architecture for network deployment. Intrusion Detection Systems (IDS) are a pivotal part of this technology as networks become more vulnerable to new and sophisticated attacks. Machine Learning (ML)-based IDS are increasingly seen as the most effective approach to handle this issue. However, IDS datasets suffer from high class imbalance, which impacts the performance of standard ML models. We propose Sequential Binary Classification (SBC) - an algorithm for multi-class classification to address this issue. SBC is a hierarchical cascade of base classifiers, each of which can be modelled on any general binary classifier. Extensive experiments are reported on benchmark datasets that evaluate the performance of SBC under different scenarios.
Related papers
- On the Cross-Dataset Generalization of Machine Learning for Network Intrusion Detection [50.38534263407915]
Network Intrusion Detection Systems (NIDS) are a fundamental tool in cybersecurity.
Their ability to generalize across diverse networks is a critical factor in their effectiveness and a prerequisite for real-world applications.
In this study, we conduct a comprehensive analysis on the generalization of machine-learning-based NIDS through an extensive experimentation in a cross-dataset framework.
arXiv Detail & Related papers (2024-02-15T14:39:58Z)
- DOC-NAD: A Hybrid Deep One-class Classifier for Network Anomaly Detection [0.0]
Machine Learning approaches have been used to enhance the detection capabilities of Network Intrusion Detection Systems (NIDSs).
Recent work has achieved near-perfect performance by following binary- and multi-class network anomaly detection tasks.
This paper proposes a Deep One-Class (DOC) classifier for network intrusion detection by only training on benign network data samples.
arXiv Detail & Related papers (2022-12-15T00:08:05Z)
- When a RF Beats a CNN and GRU, Together -- A Comparison of Deep Learning and Classical Machine Learning Approaches for Encrypted Malware Traffic Classification [4.495583520377878]
We show that in the case of malicious traffic classification, state-of-the-art DL-based solutions do not necessarily outperform the classical ML-based ones.
We exemplify this finding using two well-known datasets for a varied set of tasks, such as: malware detection, malware family classification, detection of zero-day attacks, and classification of an iteratively growing dataset.
arXiv Detail & Related papers (2022-06-16T08:59:53Z)
- Ensemble Classifier Design Tuned to Dataset Characteristics for Network Intrusion Detection [0.0]
Two new algorithms are proposed to address the class overlap issue in the dataset.
The proposed design is evaluated for both binary and multi-category classification.
arXiv Detail & Related papers (2022-05-08T21:06:42Z)
- Self-Supervised Class Incremental Learning [51.62542103481908]
Existing Class Incremental Learning (CIL) methods are based on a supervised classification framework sensitive to data labels.
When updating them based on the new class data, they suffer from catastrophic forgetting: the model cannot discern old class data clearly from the new.
In this paper, we explore the performance of Self-Supervised representation learning in Class Incremental Learning (SSCIL) for the first time.
arXiv Detail & Related papers (2021-11-18T06:58:19Z)
- An Adaptable Deep Learning-Based Intrusion Detection System to Zero-Day Attacks [4.607145155913717]
An intrusion detection system (IDS) is an essential element of security monitoring in computer networks.
The main challenge of an IDS is facing new (i.e., zero-day) attacks and separating them from benign traffic and existing types of attacks.
In this paper, we propose a framework for deep learning-based IDSes addressing new attacks.
arXiv Detail & Related papers (2021-08-20T14:41:28Z)
- No Fear of Heterogeneity: Classifier Calibration for Federated Learning with Non-IID Data [78.69828864672978]
A central challenge in training classification models in the real-world federated system is learning with non-IID data.
We propose a novel and simple algorithm called Classifier Calibration with Virtual Representations (CCVR), which adjusts the classifier using virtual representations sampled from an approximated Gaussian mixture model.
Experimental results demonstrate that CCVR achieves state-of-the-art performance on popular federated learning benchmarks including CIFAR-10, CIFAR-100, and CINIC-10.
arXiv Detail & Related papers (2021-06-09T12:02:29Z)
- CREPO: An Open Repository to Benchmark Credal Network Algorithms [78.79752265884109]
Credal networks are imprecise probabilistic graphical models based on, so-called credal, sets of probability mass functions.
A Java library called CREMA has been recently released to model, process and query credal networks.
We present CREPO, an open repository of synthetic credal networks, provided together with the exact results of inference tasks on these models.
arXiv Detail & Related papers (2021-05-10T07:31:59Z)
- An Explainable Machine Learning-based Network Intrusion Detection System for Enabling Generalisability in Securing IoT Networks [0.0]
Machine Learning (ML)-based network intrusion detection systems bring many benefits for enhancing the security posture of an organisation.
Many systems have been designed and developed in the research community, often achieving a perfect detection rate when evaluated using certain datasets.
This paper tightens the gap by evaluating the generalisability of a common feature set to different network environments and attack types.
arXiv Detail & Related papers (2021-04-15T00:44:45Z)
- Binary Classification from Multiple Unlabeled Datasets via Surrogate Set Classification [94.55805516167369]
We propose a new approach for binary classification from $m$ U-sets for $m \ge 2$.
Our key idea is to consider an auxiliary classification task called surrogate set classification (SSC).
arXiv Detail & Related papers (2021-02-01T07:36:38Z)
- Searching Central Difference Convolutional Networks for Face Anti-Spoofing [68.77468465774267]
Face anti-spoofing (FAS) plays a vital role in face recognition systems.
Most state-of-the-art FAS methods rely on stacked convolutions and expert-designed network.
Here we propose a novel frame level FAS method based on Central Difference Convolution (CDC).
arXiv Detail & Related papers (2020-03-09T12:48:37Z)
This list is automatically generated from the titles and abstracts of the papers on this site.