Research Article | Open Access
Volume 14 | Issue 1 | Year 2024 | Article Id. IJPTT-V14I1P401 | DOI : https://doi.org/10.14445/22492615/IJPTT-V14I1P401
A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms
Swati Chaudhari, Pratyush Shukla, Archana Thakur
Received | Revised | Accepted | Published |
---|---|---|---|
02 Feb 2024 | 06 Mar 2024 | 20 Mar 2024 | 08 Apr 2024 |
Citation :
Swati Chaudhari, Pratyush Shukla, Archana Thakur, "A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms," International Journal of P2P Network Trends and Technology (IJPTT), vol. 14, no. 1, pp. 1-6, 2024. Crossref, https://doi.org/10.14445/22492615/IJPTT-V14I1P401
Abstract
Network Intrusion Detection Systems (NIDS) are enhanced and updated consistently, but at the same time, network intruders and hackers are also modernizing and renovating their methodologies. Hence, it is very important to develop novel Intrusion Detection Systems that can deal with heterogeneous network attacks. Recent research indicates that Intrusion Detection Systems powered by Machine Learning techniques are capable of curbing these issues to a great extent, but there is still a long way to go. Several distinguished models and algorithms exist that are capable of detecting network attacks. Most of the existing research is focused on building a robust system against common and prevalent network attack categories. These approaches do not extend to some peculiar and menacing network attacks, which are often encrypted to spoof the Intrusion Detection Systems. Hence, we have proposed an effective Decision Tree Model which is capable of detecting such attacks with nearly 100% accuracy. We have also investigated and presented a comparative study of more than 10 machine learning models using one of the latest datasets, the HIKARI-2021 [1] dataset. Moreover, the existing research work, particularly that dealing with encrypted attacks, does not explicitly indicate the detection accuracy for the encrypted network attack category. Hence, we have also worked on individual network attack categories for various machine-learning approaches.
Keywords
Encrypted Network Attack, Network Intrusion Detection System (NIDS), Decision Tree Algorithm, Machine Learning, Cyber Security.
References
[1] Andrey Ferriyan et al., “Generating Network Intrusion Detection Dataset Based on Real and Encrypted Synthetic Attack Traffic,” Applied Sciences, vol. 11, no. 17, pp. 1-17, 2021.
[2] R. Sekar et al., “A High-Performance Network Intrusion Detection System,” Proceedings of the 6th ACM conference on Computer and Communications Security, pp. 8-17, 1999.
[3] Jimmy Shun, and Heidar A. Malki, “Network Intrusion Detection System Using Neural Networks,” 2008 Fourth International Conference on Natural Computation, Jinan, China, pp. 242-246, 2008.
[4] Nasrin Sultana et al., “Survey on SDN Based Network Intrusion Detection System Using Machine Learning Approaches,” Peer-to-Peer Networking and Applications, vol. 12, pp. 493-501, 2019.
[5] C. Sinclair, L. Pierce, and S. Matzner, “An Application of Machine Learning to Network Intrusion Detection,” Proceedings 15th Annual Computer Security Applications Conference (ACSAC’99), Phoenix, AZ, USA, pp. 371-377, 1999.
[6] Kazi Abu Taher, Billal Mohammed Yasin Jisan, and Mahbubur Rahman, “Network Intrusion Detection Using Supervised Machine Learning Technique with Feature Selection,” 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST), Dhaka, Bangladesh, pp. 643-646, 2019.
[7] Robin Sommer, and Vern Paxson, “Outside the Closed World: On Using Machine Learning for Network Intrusion Detection,” 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 305-316, 2010.
[8] Abdulrahman Al-Hababi, and Sezer C. Tokgoz, “Man-in-the-Middle Attacks to Detect and Identify Services in Encrypted Network Flows Using Machine Learning,” 2020 3rd International Conference on Advanced Communication Technologies and Networking (CommNet), Marrakech, Morocco, pp. 1-5, 2020.
[9] Mauro Conti et al., “Analyzing Android Encrypted Network Traffic to Identify User Actions,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 1, pp. 114-125, 2016.
[10] Meng Shen et al., “Machine Learning-Powered Encrypted Network Traffic Analysis: A Comprehensive Survey,” IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 791-824, 2023.
[11] Maya Hilda Lestari Louk, and Bayu Adhi Tama, “Dual-IDS: A Bagging-Based Gradient Boosting Decision Tree Model for Network Anomaly Intrusion Detection System,” Expert Systems with Applications, vol. 213, 2023.
[12] Rui Fernandes, and Nuno Lopes, “Network Intrusion Detection Packet Classification with the HIKARI-2021 Dataset: A Study on ML Algorithms,” 2022 10th International Symposium on Digital Forensics and Security (ISDFS), Istanbul, Turkey, pp. 1-5, 2022.
[13] Salvatore Stolfo et al., KDD Cup 1999 Data, UCI Machine Learning Repository, 1999.
[14] Nour Moustafa, and Jill Slay, “UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set),” 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, ACT, Australia, pp. 1-6, 2015.
[15] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” Proceedings of the 4th International Conference on Information Systems Security and Privacy ICISSP, Funchal, Madeira, Portugal, vol. 1, pp. 108-116, 2018.
[16] S.R. Safavian, and D. Landgrebe, “A Survey of Decision Tree Classifier Methodology,” IEEE Transactions on Systems, Man, and Cybernetics, vol. 21, no. 3, pp. 660-674, 1991.
[17] Philip H. Swain, and Hans Hauska, “The Decision Tree Classifier: Design and Potential,” IEEE Transactions on Geoscience Electronics, vol. 15, no. 3, pp. 142-147, 1977.
[18] Zeeshan Ahmad et al., “Network Intrusion Detection System: A Systematic Study of Machine Learning and Deep Learning Approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, pp. 1-29, 2021.