Collaborative Intrusion Detection System with Snort Machine Learning Plugin
DOI: http://dx.doi.org/10.62527/joiv.8.3.2018
References
NIST, “Guide to Intrusion Detection and Prevention Systems (IDPS),” Gaithersburg, MD, 2007. doi: 10.6028/NIST.SP.800-94.
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A Detailed Analysis of the KDD CUP 99 Data Set,” in IEEE Symposium on Computational Intelligence, 2009.
S. Kumar, S. Gupta, and S. Arora, “Research Trends in Network-Based Intrusion Detection Systems: A Review,” IEEE Access, vol. 9, pp. 157761–157779, 2021, doi: 10.1109/ACCESS.2021.3129775.
S. A. R. Shah and B. Issac, “Performance comparison of intrusion detection systems and application of machine learning to Snort system,” Futur. Gener. Comput. Syst., vol. 80, pp. 157–170, 2018, doi: 10.1016/j.future.2017.10.016.
F. A. Vadhil, M. F. Nanne, and M. L. Salihi, “Importance of Machine Learning Techniques to Improve the Open Source Intrusion Detection Systems,” Indones. J. Electr. Eng. Informatics, vol. 9, no. 3, 2021, doi: 10.52549/ijeei.v9i3.3219.
A. Ghasempour, “HTTP based Network Intrusion Detection System by Using Machine Learning-Based Classifier,” Tallinn, 2021.
B. Subba, S. Biswas, and S. Karmakar, “Host Based Intrusion Detection System Using Frequency Analysis of N-Gram Terms,” in IEEE Region 10 Conference (TENCON) Malaysia, 2017.
I. Wahidah, Y. Purwanto, and A. Kurniawan, “Collaborative intrusion detection networks with multi-hop clustering for internet of things,” Int. J. Electr. Comput. Eng., vol. 11, no. 4, pp. 3255–3266, 2021, doi: 10.11591/ijece.v11i4.pp3255-3266.
K. Farhana, M. Rahman, and M. Tofael Ahmed, “An intrusion detection system for packet and flow based networks using deep neural network approach,” Int. J. Electr. Comput. Eng., vol. 10, no. 5, pp. 5514–5525, 2020, doi: 10.11591/IJECE.V10I5.PP5514-5525.
T. A. J. Ali and M. M. Taher Jawhar, “Detecting network attacks model based on a convolutional neural network,” Int. J. Electr. Comput. Eng., vol. 13, no. 3, pp. 3072–3078, 2023, doi: 10.11591/ijece.v13i3.pp3072-3078.
N. Yoshimura, H. Kuzuno, and Y. Shiraishi, “DOC-IDS: A Deep Learning-Based Method for Feature,” 2022.
S. A. Albelwi, “An Intrusion Detection System for Identifying Simultaneous Attacks using Multi-Task Learning and Deep Learning,” in 2022 2nd International Conference on Computing and Information Technology (ICCIT), 2022, pp. 349–353. doi: 10.1109/ICCIT52419.2022.9711630.
Z. Liu and Y. Shi, “A Hybrid IDS Using GA-Based Feature Selection Method and Random Forest,” Int. J. Mach. Learn. Comput., vol. 12, no. 2, 2022, doi: 10.18178/ijmlc.2022.12.2.1077.
Z. U. A. Tariq, E. Baccour, A. Erbad, M. Guizani, and M. Hamdi, “Network Intrusion Detection for Smart Infrastructure using Multi-armed Bandit based Reinforcement Learning in Adversarial Environment,” in 2022 International Conference on Cyber Warfare and Security (ICCWS), 2022, pp. 75–82. doi: 10.1109/ICCWS56285.2022.9998440.
F. A. Saputra, M. Salman, K. Ramli, A. Abdillah, and I. Syarif, “Big Data Analysis Architecture for Multi IDS Sensors using Memory based Processor,” in 2017 International Electronics Symposium on Knowledge Creation and Intelligent Computing (IES-KCIC), 2017, pp. 40–45. [Online]. Available: https://ieeexplore.ieee.org/xpl/conhome/8170163/proceeding
B. Kerim, “Securing IoT Network against DDoS Attacks using Multi-agent IDS,” J. Phys. Conf. Ser., vol. 1898, no. 1, pp. 3–10, 2021, doi: 10.1088/1742-6596/1898/1/012033.
“Wazuh - Components · Wazuh documentation.” https://documentation.wazuh.com/current/getting-started/components/index.html
“Wazuh agent - Components · Wazuh documentation.” https://documentation.wazuh.com/current/getting-started/components/wazuh-agent.html (accessed Nov. 11, 2021).
“Wazuh server - Components · Wazuh documentation.” https://documentation.wazuh.com/current/getting-started/components/wazuh-server.html (accessed Nov. 11, 2021).
“Wazuh Elastic Stack.” https://documentation.wazuh.com/current/getting-started/components/elastic_stack.html (accessed Nov. 11, 2021).
M. Gogoi and S. Mishra, “Detecting DDoS Attack,” pp. 55–66, 2018, doi: 10.4018/978-1-7998-3335-2.ch004.
R. U. Rehman, Intrusion Detection Systems with Snort Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID. New Jersey: Pearson Education Inc., 2003. [Online]. Available: http://www.phptr.com
J. Frank, “Artificial Intelligence and Intrusion Detection: Current and Future Directions,” 1994.
M. Tiwari, R. Kumar, A. Bharti, and J. Kishan, “Intrusion Detection System,” International Journal of Technical Research and Applications, vol. 5, no. 2, pp. 38–44, 2017. [Online]. Available: www.ijtra.com
A. Singh, N. Thakur, and A. Sharma, “A review of supervised machine learning algorithms,” in 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom), 2016, pp. 1310–1315.
T. Al-shehari and R. A. Alsowail, “An insider data leakage detection using one-hot encoding, synthetic minority oversampling and machine learning techniques,” Entropy, vol. 23, no. 10, 2021, doi: 10.3390/e23101258.
A. Gupta, “One Hot EnCoding | Data Science and Machine Learning | Kaggle.” https://www.kaggle.com/discussions/getting-started/114797 (accessed Nov. 11, 2021).
“ML | Label Encoding of datasets in Python - GeeksforGeeks.” https://www.geeksforgeeks.org/ml-label-encoding-of-datasets-in-python/ (accessed Oct. 15, 2022).
A. Zheng and A. Casari, Feature Engineering for Machine Learning: Principles and Techniques for Data Scientists, 1st ed. California: O’Reilly Media, Inc., 2018.
I. Stromberger, N. Bacanin, and M. Tuba, “Hybridized krill herd algorithm for large-scale optimization problems,” SAMI 2017 - IEEE 15th Int. Symp. Appl. Mach. Intell. Informatics, Proc., pp. 473–478, 2017, doi: 10.1109/SAMI.2017.7880356.
G. Zhang and E. Li, “Research on IDS snort based on classic clustering algorithm,” Proc. - 2020 Int. Conf. Urban Eng. Manag. Sci. ICUEMS 2020, pp. 673–676, 2020, doi: 10.1109/ICUEMS50872.2020.00147.
P. Refaeilzadeh, L. Tang, and H. Liu, “Cross-Validation,” in Encyclopedia of Database Systems, L. Liu and M. T. Özsu, Eds. Boston, MA: Springer US, 2009, pp. 532–538. doi: 10.1007/978-0-387-39940-9_565.
Artificially Intelligent Intrusion Detection System, “kdd99_feature_extraction,” GitHub, 2022. https://github.com/AIIDS/kdd99_feature_extractor (accessed Mar. 20, 2022).
Snort, “DPX Readme.” https://snort.org/documents/dpx-readme (accessed Mar. 20, 2022).
K. Labib and V. Rao Vemuri, “Detecting Denial-of-Service And Network Probe Attacks Using Principal Component Analysis,” pp. 1–8, 2011.
C. L. Schuba, I. V. Krsul, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni, “Analysis of a denial of service attack on TCP,” in Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 1997, pp. 208–223. doi: 10.1109/secpri.1997.601338.