Accurate Attack Detection in Intrusion Detection System for cyber threat intelligence feeds using machine learning techniques.

Keywords

Cyber-threat intelligence (CTI), Security information and event management (SIEM), Intrusion detection system (IDS), Intrusion prevention system (IPS), Denial of service (DoS), Principal component analysis (PCA), Support vector machine (SVM), Indicators of compromise (IoCs)

How to Cite

Irshad, E., & Siddiqui, A. B. (2024). Accurate Attack Detection in Intrusion Detection System for cyber threat intelligence feeds using machine learning techniques. KIET Journal of Computing and Information Sciences, 7(1), 28-41. https://doi.org/10.51153/kjcis.v7i1.198

Abstract

With the advancement of modern technology, cyber-attacks are continuously rising. Malicious behavior in the network is discovered using security devices such as intrusion detection systems (IDS), firewalls, and antimalware systems. To defend organizations, procedures for detecting threats more correctly and precisely must be defined. The proposed study investigates the significance of cyber-threat intelligence (CTI) feeds in accurate IDS detection. The NSL-KDD and CSE-CICIDS-2018 datasets were analyzed in this study. This research makes use of normalization, transformation, and feature selection algorithms. Machine learning (ML) techniques were employed to determine whether the traffic was normal or an attack. With the proposed approach, the ability to identify network attacks improves through the use of machine learning algorithms. The proposed model achieves 98% accuracy, 97% precision, and 96% recall.
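The abstract names normalization, transformation and feature selection ahead of the classifier, and reports accuracy, precision and recall. The following added example (not the paper's code) implements the first two preprocessing steps on constructed NSL-KDD-style records and computes the three metrics with attack as the positive class; the PCA/SVM classifier itself is omitted, so the metric function is fed constructed predictions.

```python
# Added example (not the paper's code): preprocessing of constructed NSL-KDD-style
# records and the metrics the abstract reports, with attack as the positive class.
NUMERIC = ["duration", "src_bytes", "dst_bytes", "count"]
CATEGORICAL = ["protocol_type", "service", "flag"]

# Constructed rows using a subset of the 41 NSL-KDD fields; label is "normal"
# or an attack name, as in the dataset.
RECORDS = [
    {"duration": 0, "protocol_type": "tcp", "service": "http", "flag": "SF",
     "src_bytes": 215, "dst_bytes": 45076, "count": 1, "label": "normal"},
    {"duration": 0, "protocol_type": "udp", "service": "domain_u", "flag": "SF",
     "src_bytes": 44, "dst_bytes": 0, "count": 2, "label": "normal"},
    {"duration": 0, "protocol_type": "tcp", "service": "private", "flag": "S0",
     "src_bytes": 0, "dst_bytes": 0, "count": 123, "label": "neptune"},
    {"duration": 0, "protocol_type": "icmp", "service": "ecr_i", "flag": "SF",
     "src_bytes": 1032, "dst_bytes": 0, "count": 511, "label": "smurf"},
    {"duration": 2, "protocol_type": "tcp", "service": "ftp_data", "flag": "SF",
     "src_bytes": 12983, "dst_bytes": 0, "count": 1, "label": "normal"},
]

def min_max_normalize(records, fields):
    """Scale each numeric field to [0, 1]; a constant column maps to 0.0."""
    lo = {f: min(r[f] for r in records) for f in fields}
    hi = {f: max(r[f] for r in records) for f in fields}
    return [[(r[f] - lo[f]) / (hi[f] - lo[f]) if hi[f] > lo[f] else 0.0
             for f in fields] for r in records]

def one_hot(records, fields):
    """Transform categorical fields into 0/1 indicators (sorted vocabularies)."""
    vocab = {f: sorted({r[f] for r in records}) for f in fields}
    return [[1.0 if r[f] == v else 0.0 for f in fields for v in vocab[f]]
            for r in records]

def build_dataset(records):
    """Return feature vectors (numeric then one-hot) and labels: 1 attack, 0 normal."""
    x = [num + cat for num, cat in
         zip(min_max_normalize(records, NUMERIC), one_hot(records, CATEGORICAL))]
    y = [0 if r["label"] == "normal" else 1 for r in records]
    return x, y

def evaluate(y_true, y_pred):
    """Accuracy, precision and recall with attack (1) as the positive class."""
    tp = sum(t == 1 and p == 1 for t, p in zip(y_true, y_pred))
    fp = sum(t == 0 and p == 1 for t, p in zip(y_true, y_pred))
    fn = sum(t == 1 and p == 0 for t, p in zip(y_true, y_pred))
    tn = len(y_true) - tp - fp - fn
    return {"accuracy": (tp + tn) / len(y_true),
            "precision": tp / (tp + fp) if tp + fp else 0.0,
            "recall": tp / (tp + fn) if tp + fn else 0.0}
```

On the real datasets, where normal traffic dominates, recall on the attack class is the detection rate; accuracy alone can look high while attacks are still missed.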

