Mavra Mehmood¹, Talha Javed², Jamel Nebhen³, Sidra Abbas^2,*, Rabia Abid¹, Giridhar Reddy Bojja⁴, Muhammad Rizwan¹

CMC-Computers, Materials & Continua, Vol.70, No.1, pp. 91-107, 2022, DOI:10.32604/cmc.2022.019127

Abstract Due to the widespread use of the internet and smart devices, various attacks like intrusion, zero-day, Malware, and security breaches are a constant threat to any organization's network infrastructure. Thus, a Network Intrusion Detection System (NIDS) is required to detect attacks in network traffic. This paper proposes a new hybrid method for intrusion detection and attack categorization. The proposed approach comprises three steps to address high false and low false-negative rates for intrusion detection and attack categorization. In the first step, the dataset is preprocessed through the data transformation technique and min-max method. Secondly, the random forest recursive feature elimination… More >

Ziadoon K. Maseer¹, Robiah Yusof¹, Salama A. Mostafa^2,*, Nazrulazhar Bahaman¹, Omar Musa³, Bander Ali Saleh Al-rimy⁴

CMC-Computers, Materials & Continua, Vol.69, No.3, pp. 3945-3966, 2021, DOI:10.32604/cmc.2021.016074

Abstract With an increasing number of services connected to the internet, including cloud computing and Internet of Things (IoT) systems, the prevention of cyberattacks has become more challenging due to the high dimensionality of the network traffic data and access points. Recently, researchers have suggested deep learning (DL) algorithms to define intrusion features through training empirical data and learning anomaly patterns of attacks. However, due to the high dynamics and imbalanced nature of the data, the existing DL classifiers are not completely effective at distinguishing between abnormal and normal behavior line connections for modern networks. Therefore, it is important to design… More >

Yanyan Zhang¹, Xiangjin Ran^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.128, No.3, pp. 1231-1245, 2021, DOI:10.32604/cmes.2021.016866

Abstract In the network security field, the network intrusion detection system (NIDS) is considered one of the critical issues in the detection accuracy and missed detection rate. In this paper, a method of two-step network intrusion detection on the basis of GoogLeNet Inception and deep convolutional neural networks (CNNs) models is proposed. The proposed method used the GoogLeNet Inception model to identify the network packets’ binary problem. Subsequently, the characteristics of the packets’ raw data and the traffic features are extracted. The CNNs model is also used to identify the multiclass intrusions by the network packets’ features. In the experimental results,… More >

Thavavel Vaiyapuri^*, Adel Binbusayyis

CMC-Computers, Materials & Continua, Vol.68, No.3, pp. 3271-3288, 2021, DOI:10.32604/cmc.2021.017665

Abstract In the era of Big data, learning discriminant feature representation from network traffic is identified has as an invariably essential task for improving the detection ability of an intrusion detection system (IDS). Owing to the lack of accurately labeled network traffic data, many unsupervised feature representation learning models have been proposed with state-of-the-art performance. Yet, these models fail to consider the classification error while learning the feature representation. Intuitively, the learnt feature representation may degrade the performance of the classification task. For the first time in the field of intrusion detection, this paper proposes an unsupervised IDS model leveraging the… More >

Omar Almomani^*

CMC-Computers, Materials & Continua, Vol.68, No.1, pp. 409-429, 2021, DOI:10.32604/cmc.2021.016113

Abstract Network Intrusion Detection System (IDS) aims to maintain computer network security by detecting several forms of attacks and unauthorized uses of applications which often can not be detected by firewalls. The features selection approach plays an important role in constructing effective network IDS. Various bio-inspired metaheuristic algorithms used to reduce features to classify network traffic as abnormal or normal traffic within a shorter duration and showing more accuracy. Therefore, this paper aims to propose a hybrid model for network IDS based on hybridization bio-inspired metaheuristic algorithms to detect the generic attack. The proposed model has two objectives; The first one… More >

Nancy Awadallah Awad^*

CMC-Computers, Materials & Continua, Vol.67, No.1, pp. 979-990, 2021, DOI:10.32604/cmc.2021.014307

Abstract After the digital revolution, large quantities of data have been generated with time through various networks. The networks have made the process of data analysis very difficult by detecting attacks using suitable techniques. While Intrusion Detection Systems (IDSs) secure resources against threats, they still face challenges in improving detection accuracy, reducing false alarm rates, and detecting the unknown ones. This paper presents a framework to integrate data mining classification algorithms and association rules to implement network intrusion detection. Several experiments have been performed and evaluated to assess various machine learning classifiers based on the KDD99 intrusion dataset. Our study focuses… More >

R. Mythili^{1, *}, P. Kalpana²

CMC-Computers, Materials & Continua, Vol.62, No.3, pp. 1097-1107, 2020, DOI:10.32604/cmc.2020.08396

Abstract NIDS (Network Intrusion Detection Systems) plays a vital role in security threats to computers and networks. With the onset of gigabit networks, hardware-based Intrusion Detection System gains popularity because of its high performance when compared to the software-based NIDS. The software-based system limits parallel execution, which in turn confines the performance of a modern network. This paper presents a signature-based lookup technique using reconfigurable hardware. Content Addressable Memory (CAM) is used as a lookup table architecture to improve the speed instead of search algorithms. To minimize the power and to increase the speed, precomputation based CAM (PBCAM) can be used,… More >

Ling Tan^1,*, Chong Li², Jingming Xia², Jun Cao³

CMC-Computers, Materials & Continua, Vol.61, No.1, pp. 275-288, 2019, DOI:10.32604/cmc.2019.03735

Abstract Due to the widespread use of the Internet, customer information is vulnerable to computer systems attack, which brings urgent need for the intrusion detection technology. Recently, network intrusion detection has been one of the most important technologies in network security detection. The accuracy of network intrusion detection has reached higher accuracy so far. However, these methods have very low efficiency in network intrusion detection, even the most popular SOM neural network method. In this paper, an efficient and fast network intrusion detection method was proposed. Firstly, the fundamental of the two different methods are introduced respectively. Then, the self-organizing feature… More >

Jiyuan Liu¹, Yingzhi Zeng², Jiangyong Shi², Yuexiang Yang^2,∗, Rui Wang³, Liangzhong He⁴

CMC-Computers, Materials & Continua, Vol.60, No.2, pp. 721-739, 2019, DOI:10.32604/cmc.2019.05610

Abstract Recently, TLS protocol has been widely used to secure the application data carried in network traffic. It becomes more difficult for attackers to decipher messages through capturing the traffic generated from communications of hosts. On the other hand, malwares adopt TLS protocol when accessing to internet, which makes most malware traffic detection methods, such as DPI (Deep Packet Inspection), ineffective. Some literatures use statistical method with extracting the observable data fields exposed in TLS connections to train machine learning classifiers so as to infer whether a traffic flow is malware or not. However, most of them adopt the features based… More >