Article details | |
Translated title of the article | A new two-phase intrusion detection system with Naive Bayes machine learning for data classification and the elliptic envelope method for anomaly detection |
English title of the article | A new two-phase intrusion detection system with Naïve Bayes machine learning for data classification and elliptic envelop method for anomaly detection |
Publisher | Elsevier |
Publication | 2023 article |
Number of pages of the English article | 8 pages |
Article writing type |
Research Article |
Base article | This article is a base article |
Index | Scopus – DOAJ |
Article category | ISI |
English article format | |
ISSN | 2772-6622 |
Hypothesis | None |
Conceptual model | Yes |
Questionnaire | None |
Variable | None |
References | Yes |
Related fields | Computer Engineering – Information Technology Engineering |
Related specializations | Information Security – Artificial Intelligence – Algorithm Engineering and Computation – Internet and Wide Area Networks – Computer Networks |
Article presentation type |
Journal |
Journal | Decision Analytics Journal |
University | Department of Computer Science, Central University of Rajasthan, Ajmer, India |
Keywords | Internet of Things – Intrusion detection system – Machine learning – Naive Bayes classifier – Unsupervised elliptic envelope |
Digital identifier – DOI |
https://doi.org/10.1016/j.dajour.2023.100233 |
Reference site link | https://www.sciencedirect.com/science/article/pii/S2772662223000735 |
Article table of contents: |
Abstract, 1 Introduction, 2 Related work, 3 Proposed work, 4 Experimental setup and results, 5 Conclusion, Declaration of Competing Interest, Data availability, References |
Excerpt from the article text: |
Abstract Technology is pivotal in the rapid growth of services and intensifying the quality of life. Recent technology, like the Internet of Things (IoT), demonstrates an impressive performance in fast-forward development. Intrusion Detection System (IDS) is used as a lifeline to prevent attacks by classifying the activities as normal and suspicious. In this paper, we propose a two-phase IDS for IoT. In the first phase, we categorize data into four sections according to the data types (i.e., nominal, integer, binary, and float). We then classify them using different versions of the Naive Bayes classifier. After that, we use majority voting to choose the final result of the classification. In the second phase, we pass those data which behave normally or are benign in the first phase and classify them using an unsupervised elliptic envelope. We validated our work using the standard NSL-KDD, UNSW_NB15, and CIC-IDS2017 datasets. We found the proposed method more efficient than existing IDS techniques and achieved reasonable accuracy in the first phase. Furthermore, the benign data is sent to the second phase of the analysis. After the second phase, we achieved a 97% accuracy in the NSL-KDD dataset, 86.9% in the UNSW_NB15 dataset, and 98.59% accuracy in the CIC-IDS2017 dataset.
Introduction: In the evolutionary era, the Internet has always played a most significant role. Globally, the total number of Internet users is projected to increase from 3.9 billion in 2018 to 5.3 billion by 2023, as stated by the Cisco Annual Internet Report [1]. Furthermore, the Internet of Things (IoT) is becoming increasingly widespread. IoT integrates many heterogeneous objects (such as, in a smart home, intelligent bulbs, refrigerators, fans, air conditioners, automated doors, and TVs) with various connecting technologies such as Bluetooth Low Energy (BLE), WiFi, and ZigBee. There are also other domains and applications in which the IoT can play an important role and enhance our quality of life. These applications include smart transportation, industrial automation, agriculture, and healthcare [2]. The IoT model [3] has been moving towards a cyber–physical environment where everything can be found, operated, investigated, and modernized. Because devices are connected, the chances of attacks on the network increase. Many attacks and malicious incidents can affect different layers of the IoT architecture, creating security concerns. Makhdoom et al. [4] discussed the commonly known attacks on different layers, depending on the anatomy of the malware, and IoT-enabled cyber-attacks are also illustrated in a survey [5]. Similarly, Zarpel et al. [6] elaborated on intrusion detection systems in IoT. They classified IDS based on placement strategies, detection methods, security threats, and validation strategies. Zargar et al. [7] explained Distributed Denial of Service (DDoS) attacks in detail and also classified the countermeasures.
Conclusion: This paper presents a machine learning-based two-phase IDS. First, we categorize data into four sections according to the data types (e.g., nominal, integer, binary, and float). We then classify them using different versions of the Naive Bayes classifier. After that, with the help of majority voting, we choose the final result of the classification. In the second phase, we pass on those data which behave like normal in the first stage, and these data are classified using an unsupervised elliptic envelope. It draws an imaginary envelope and assigns the value 1 to data that lie inside the envelope and −1 to data outside the envelope. Our proposed model also performs very well on an imbalanced distribution of the data by providing a weight initialization for each class. Finally, we got an overall 97% accuracy with a meager false positive rate. The drawback of this model is that it does not work well in multiclass classification. In future work, we will improve the model's multiclass classification and feature engineering techniques, expand this procedure to real-time network traffic analysis, and evaluate its performance. We will further attempt to capture network data by deploying IoT devices in the real world. Moreover, the IDS system will detect malicious incidents in real-time and immediately take appropriate action to prevent damage. |
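
The phase-1 vote and phase-2 envelope gate described in the conclusion above, as an added example that is not code from the paper. Assumptions: all function names, the tie rule, the restriction to two features, a plain mean/covariance fit standing in for a robust covariance estimator, and the constructed sample flows.

```python
# Added example (not the paper's code): phase-2 gate of the two-phase IDS.
# Plain mean/covariance stands in for a robust covariance fit; data is constructed.

def majority_vote(votes):
    """Combine the per-data-type classifier votes (1 = attack, 0 = benign).
    Ties count as attack: an assumption, the page does not say how ties resolve."""
    return 1 if 2 * sum(votes) >= len(votes) else 0

def mahalanobis_sq(env, row):
    """Squared Mahalanobis distance of a 2-feature row from the envelope centre."""
    (mx, my), (a, b, c) = env["mean"], env["inv"]
    dx, dy = row[0] - mx, row[1] - my
    return a * dx * dx + 2 * b * dx * dy + c * dy * dy

def fit_envelope(rows, contamination=0.1):
    """Fit the ellipse on benign rows; the threshold leaves `contamination` outside."""
    n = len(rows)
    mx = sum(r[0] for r in rows) / n
    my = sum(r[1] for r in rows) / n
    sxx = sum((r[0] - mx) ** 2 for r in rows) / n
    syy = sum((r[1] - my) ** 2 for r in rows) / n
    sxy = sum((r[0] - mx) * (r[1] - my) for r in rows) / n
    det = sxx * syy - sxy * sxy
    if det <= 1e-12:
        raise ValueError("degenerate covariance: features are constant or collinear")
    env = {"mean": (mx, my), "inv": (syy / det, -sxy / det, sxx / det)}
    dists = sorted(mahalanobis_sq(env, r) for r in rows)
    env["threshold"] = dists[max(0, n - round(contamination * n) - 1)]
    return env

def envelope_predict(env, row):
    """1 = inside the envelope, -1 = outside (the convention the conclusion states)."""
    return 1 if mahalanobis_sq(env, row) <= env["threshold"] else -1

def two_phase(votes, row, env):
    """Phase 1 flags attacks by vote; only benign-voted rows reach the envelope."""
    if majority_vote(votes) == 1:
        return "attack"
    return "benign" if envelope_predict(env, row) == 1 else "anomaly"

# Constructed benign flows: (duration in seconds, kilobytes transferred).
BENIGN = [(1.0, 10), (1.2, 12), (0.8, 9), (1.1, 10), (0.9, 11),
          (1.0, 12), (1.3, 11), (0.7, 10), (1.0, 9), (1.0, 11)]
ENV = fit_envelope(BENIGN)

if __name__ == "__main__":
    print(two_phase([1, 1, 0, 1], (1.0, 10.5), ENV))    # phase 1 decides
    print(two_phase([0, 0, 0, 1], (1.0, 10.5), ENV))    # passes both phases
    print(two_phase([0, 0, 0, 1], (30.0, 900.0), ENV))  # caught in phase 2
```

The envelope only sees traffic that phase 1 already voted benign, so a record that slips past the classifiers can still be flagged if it sits far from the benign centre.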