Academic Journal

Intrusion detection in cyber–physical environment using hybrid Naïve Bayes—Decision table and multi-objective evolutionary feature selection.

Bibliographic Details
Title: Intrusion detection in cyber–physical environment using hybrid Naïve Bayes—Decision table and multi-objective evolutionary feature selection.
Authors: Panigrahi, Ranjit1 (AUTHOR), Borah, Samarjeet1 (AUTHOR), Pramanik, Moumita1 (AUTHOR), Bhoi, Akash Kumar2,3,4,5 (AUTHOR) akashkrbhoi@gmail.com, Barsocchi, Paolo5 (AUTHOR) paolo.barsocchi@isti.cnr.it, Nayak, Soumya Ranjan1,6 (AUTHOR) nayak.soumya17@gmail.com, Alnumay, Waleed7 (AUTHOR) wnumay@ksu.edu.sa
Source: Computer Communications. Apr2022, Vol. 188, p133-144. 12p.
Subject Terms: *CYBER physical systems, *BOTNETS, INTRUSION detection systems (Computer security), FEATURE selection, NAIVE Bayes classification, MACHINE learning
Abstract: Researchers are motivated to build effective Intrusion Detection Systems (IDSs) because of the implications of malicious actions in computing, communication, and cyber–physical systems. In order to develop signature-based intrusion detection techniques that are suitable for use in cyber–physical environments, state-of-the-art supervised learning algorithms are devised. The main contribution of this research is the introduction of a signature-based intrusion detection model that is based on a hybrid Decision Table and Naive Bayes technique. In addition, the contribution of the suggested method is evaluated by comparing it to the existing literature in the field. In the preprocessing stage, Multi-Objective Evolutionary Feature Selection (MOEFS) feature selection has been used to select only five attack features from the recent CICIDS2017 dataset. Keeping in view the class imbalance nature of the CICIDS2017 dataset, adequate attack samples have been selected with more weightage to the attack classes having a smaller number of instances in the dataset. A hybrid of Decision Table and Naive Bayes models was combined to train and detect intrusions. Detection of botnets, port scans, Denial of Service (DoS)/Distributed Denial of Service (DDoS) attacks, such as Golden-Eye, Hulk, Slow httptest, slowloris, Heartbleed, Brute Force attacks, such as Patator (FTP), Patator (SSH), and Web attacks such as Infiltration, Web Brute Force, SQL Injection, and XSS, are all successfully detected by the proposed hybrid detection model. The proposed approach shows an accuracy of 96.8% using five features of CICIDS2017, which is higher than the accuracy of methods discussed in the literature.
• A signature-based intrusion detection scheme destined for cyber–physical environment has been proposed.
• The proposed approach combines the Decision Table and Naive Bayes classifiers.
• The MOEFS scheme extracts the relevant features of a recent CICIDS2017 dataset.
• The proposed hybrid model successfully detects botnet, Port Scan, DoS/DDoS, Brute Force, and Web attacks.
• The results reported that the proposed hybrid approach is 96.8% accurate while discriminating benign and attack instances.
[ABSTRACT FROM AUTHOR]
Copyright of Computer Communications is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Business Source Index
Description
ISSN: 01403664
DOI: 10.1016/j.comcom.2022.03.009