Network Intrusion Anomaly Detection Model Based on Multiclassifier Fusion Technology
نویسندگان
چکیده
With the increasing development of industrial Internet, network security has attracted more and attention. Among numerous technologies, anomaly detection technology based on traffic become an important research field. At present, a large number methods for have been proposed. Most better performance are supervised machine learning algorithms, which require labelled data model training. However, in real network, it is impossible to manually filter label large-scale data. Network administrators can only use unsupervised algorithms actual detection, effects much worse than algorithms. To improve accuracy methods, this study proposes multiple classifier fusion technology, applies different techniques (such as Majority Vote, Weighted Naive Bayes) fuse results five best performing Comparative experiments carried out three public datasets. Experimental show that, terms RECALL AUC score, proposed achieves separate baseline robustness stability, be effectively applied wide range scenarios.
منابع مشابه
Revisiting Anomaly-based Network Intrusion Detection Systems
Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match with current input raises an alert. A signature-based IDS cannot detect unknown attacks, either ...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کاملProtocol Anomaly Detection for Network-based Intrusion Detection
A taxonomy was developed by Axelsson to define the space of intrusion detection technology and classify IDSs. The taxonomy categorizes IDSs by their detection principle and their operational aspects. The two main categories of detection principles are signature detection and anomaly detection. The remainder of this paper will compare the two categories of detection principles and describe a new...
متن کاملModel-Based Anomaly Detection on Network Services
The key hypothesis to anomaly detection assumes anomalous behaviors are suspicious from a normality point of view. This work provides a new perspective, network service, to model network activity for detecting anomalies. Past models often suffer from lacking of model normality verification, only including particular behavior aspect, and focusing on individual model. To confront them, we propose...
متن کاملAnomaly Network Intrusion Detection Using Hidden Markov Model
Cyberattacks become more sophisticated than before, as they involve intelligent planning with respect to the target machine. The current defense products might not be able to correlate diverse sensor input. For example, a client with low security awareness is in the distributed network environment where the target resides might be compromised and unnoticed, which in turn is used as a stepping s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Mobile Information Systems
سال: 2023
ISSN: ['1875-905X', '1574-017X']
DOI: https://doi.org/10.1155/2023/1594622