Extreme Machine Learning Algorithm and Parallel Processing Approach for Intelligent Intrusion Detection System

B Santhosh Kumar, M Raghavendra Reddy

Abstract

An IDS using machine learning is under development that aims to provide network- and host-level intrusion detection in a timely and autonomous manner. However, because malicious attacks are constantly evolving and occurring in high numbers, various issues arise, necessitating a scalable solution. Various malware datasets are publicly available for further investigation by the cyber security community. However, no previous study has examined in depth the performance of several machine learning algorithms using publicly available datasets. Because malware is dynamic, with constantly changing attack tactics, publicly available malware datasets must be updated and benchmarked on a regular basis. A deep neural network (DNN), a type of deep learning model, and Extreme Machine Learning (EML) are investigated in this research in order to construct a flexible and effective IDS for detecting and classifying unanticipated cyber-attacks. Because of the constant change in network behaviour and the quick evolution of attacks, it is necessary to analyse numerous datasets that have been created over time using static and dynamic methodologies. This kind of research aids in identifying the optimal algorithm for detecting future cyber-attacks. Evaluations of experiments with DNNs and other conventional machine learning classifiers are presented on several freely accessible malware datasets. Using the KDDCup 99 dataset, the best network parameters and network topologies for DNNs are determined. With the learning rate varied between 0.01 and 0.5, all DNN experiments are run for at least 1,000 epochs. Other datasets, such as NSL-KDD, UNSW-NB15, Kyoto, WSN-DS, and CICIDS 2017, are benchmarked using the DNN model that fared well on KDDCup 99. Using several hidden layers, our DNN model learns the complex and high-dimensional feature representation of the IDS data.
It has been confirmed through extensive experimentation that DNNs perform better than classifiers built from standard machine learning algorithms. Additionally, we build a framework named Scale-Hybrid-IDS-AlertNet (SHIA) that is simple to scale and easy to use for real-time network traffic monitoring and for on-the-fly host-level cyber-attack alerting. Extension: In this project, as extension work, I added the Extreme Machine Learning algorithm and parallel processing to get better accuracy and less execution time.
