A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms

Swati Chaudhari; Pratyush Shukla; Archana Thakur

doi:https://doi.org/10.14445/22492615/IJPTT-V14I1P401

Research Article | Open Access | Download PDF

Volume 14 | Issue 1 | Year 2024 | Article Id. IJPTT-V14I1P401 | DOI : https://doi.org/10.14445/22492615/IJPTT-V14I1P401

A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms

Swati Chaudhari, Pratyush Shukla, Archana Thakur

Received	Revised	Accepted	Published
02 Feb 2024	06 Mar 2024	20 Mar 2024	08 Apr 2024

Citation :

Swati Chaudhari, Pratyush Shukla, Archana Thakur, "A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms," International Journal of P2P Network Trends and Technology (IJPTT), vol. 14, no. 1, pp. 1-6, 2024. Crossref, https://doi.org/10.14445/22492615/IJPTT-V14I1P401

Abstract

Network Intrusion Detection Systems (NIDS) are enhanced and updated consistently, but at the same the, network intruders and hackers are also modernizing and renovating their methodologies. Hence, it is very important to develop novel Intrusion Detection Systems which is constructive to deal with heterogeneous network attacks. Recent research indicates that the Intrusion Detection Systems powered by Machine Learning techniques are capable of curbing these issues up to a great extent but still, there is a long way to go. There are several distinguished models and algorithms exist which are capable of detecting network attacks. Most of the existing research is focused on building a robust system against common and prevalent network attack categories. These approaches do not extend to some peculiar and menacing network attacks, which are often encrypted to spoof the Intrusion Detection Systems. Hence, we have proposed an effective Decision Tree Model which is capable of detecting such attacks with nearly 100% accuracy. We have also investigated and presented a comparative study of more than 10 machine learning models using one of the latest datasets, the HIKARI-2021 [1] dataset. Moreover, the existing research work, particularly dealing with encrypted attacks, does not explicitly indicate the detection accuracy of the encrypted network attack category. Hence, we have also worked on individual network attack categories for various machine-learning approaches.

Keywords

Encrypted Network Attack, Network Intrusion Detection System (NIDS), Decision Tree Algorithm, Machine Learning, Cyber Security.

References

[1] Andrey Ferriyan et al., “Generating Network Intrusion Detection Dataset Based on Real and Encrypted Synthetic Attack Traffic,” Applied Sciences, vol. 11, no. 17, pp. 1-17, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[2] R. Sekar et al., “A High-Performance Network Intrusion Detection System,” Proceedings of the 6^th ACM conference on Computer and Communications Security, pp. 8-17, 1999.
[CrossRef] [Google Scholar] [Publisher Link]

[3] Jimmy Shun, and Heidar A. Malki, “Network Intrusion Detection System Using Neural Networks,” 2008 Fourth International Conference on Natural Computation, Jinan, China, pp. 242-246, 2008.
[CrossRef] [Google Scholar] [Publisher Link]

[4] Nasrin Sultana et al., “Survey on SDN Based Network Intrusion Detection System Using Machine Learning Approaches,” Peer-to-Peer Networking and Applications, vol. 12, pp. 493-501, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[5] C. Sinclair, L. Pierce, and S. Matzner, “An Application of Machine Learning to Network Intrusion Detection,” Proceedings 15^thAnnual Computer Security Applications Conference (ACSAC’99), Phoenix, AZ, USA, pp. 371-377, 1999.
[CrossRef] [Google Scholar] [Publisher Link]

[6] Kazi Abu Taher, Billal Mohammed Yasin Jisan, and Mahbubur Rahman, “Network Intrusion Detection Using Supervised Machine Learning Technique with Feature Selection,” 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST), Dhaka, Bangladesh, pp. 643-646, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[7] Robin Sommer, and Vern Paxson, “Outside the Closed World: On Using Machine Learning for Network Intrusion Detection,” 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 305-316, 2010.
[CrossRef] [Google Scholar] [Publisher Link]

[8] Abdulrahman Al-Hababi, and Sezer C. Tokgoz, “Man-in-the-Middle Attacks to Detect and Identify Services in Encrypted Network Flows Using Machine Learning,” 2020 3^rd International Conference on Advanced Communication Technologies and Networking (CommNet), Marrakech, Morocco, pp. 1-5, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[9] Mauro Conti et al., “Analyzing Android Encrypted Network Traffic to Identify User Actions,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 1, pp. 114-125, 2016.
[CrossRef] [Google Scholar] [Publisher Link]

[10] Meng Shen et al., “Machine Learning-Powered Encrypted Network Traffic Analysis: A Comprehensive Survey,” IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 791-824, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[11] Maya Hilda Lestari Louk, and Bayu Adhi Tama, “Dual-IDS: A Bagging-Based Gradient Boosting Decision Tree Model for Network Anomaly Intrusion Detection System,” Expert Systems with Applications, vol. 213, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[12] Rui Fernandes, and Nuno Lopes, “Network Intrusion Detection Packet Classification with the HIKARI-2021 Dataset: A Study on ML Algorithms,” 2022 10^th International Symposium on Digital Forensics and Security (ISDFS), Istanbul, Turkey, pp. 1-5, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[13] Salvatore Stolfo et al., KDD Cup 1999 Data, UCI Machine Learning Repository, 1999.
[CrossRef] [Publisher Link]

[14] Nour Moustafa, and Jill Slay, “UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set),” 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, ACT, Australia, pp. 1-6, 2015.
[CrossRef] [Google Scholar] [Publisher Link]

[15] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” Proceedings of the 4^th International Conference on Information Systems Security and Privacy ICISSP, Funchal, Madeira, Portugal, vol. 1, pp. 108-116, 2018.
[CrossRef] [Google Scholar] [Publisher Link]

[16] S.R. Safavian, and D. Landgrebe, “A Survey of Decision Tree Classifier Methodology,” IEEE Transactions on Systems, Man, and Cybernetics, vol. 21, no. 3, pp. 660-674, 1991.
[CrossRef] [Google Scholar] [Publisher Link]

[17] Philip H. Swain, and Hans Hauska, “The Decision Tree Classifier: Design and Potential,” IEEE Transactions on Geoscience Electronics, vol. 15, no. 3, pp. 142-147, 1977.
[CrossRef] [Google Scholar] [Publisher Link]

[18] Zeeshan Ahmad et al., “Network Intrusion Detection System: A Systematic Study of Machine Learning and Deep Learning Approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, pp. 1-29, 2021.
[CrossRef] [Google Scholar] [Publisher Link]