Artificial Intelligence-Based Intrusion Detection System
Added on 2022-01-17
12 Pages2988 Words162 Views
Theoretical Computer ScienceData Science and Big DataArtificial Intelligence
|
|
|
Artificial Intelligence-Based Intrusion Detection System1
ARTIFICIAL INTELLIGENCE-BASED INTRUSION DETECTION SYSTEM
Course
University
Date
ARTIFICIAL INTELLIGENCE-BASED INTRUSION DETECTION SYSTEM
Course
University
Date
Artificial Intelligence-Based Intrusion Detection System2
Artificial Intelligence-Based Intrusion Detection System
Cyberattacks in today's enterprise environments is enormous, and it's just becoming bigger.
As a result, monitoring and strengthening a company's cybersecurity posture requires more
than just human intervention.
The goal of a network intrusion detection is to detect and track hostile activity. The majority
of existing IDSs fall into one of two groups. They are signature-based and anomaly-based
intrusion detection systems. A signature-based intrusion detection attempts to identify
intrusions by matching previously known assaults with incoming traffic. These intrusions are
kept in the database like a signature. Intrusion detection system detects existing assaults well,
but it frequently fails to detect fresh threats. The following category is known as anomaly-
based intrusion detection systems (IDS). Furthermore, there have been an existence of an
upsurge in security concerns like nil attacks targeting internet users. As a result, computer
security is becoming increasingly important as the usage of information technology has been
ingrained in our everyday lives. for that reason, negligible attacks have had a substantial
impact on countries like Australia and the United States. As per the Threat Report, over three
billion nil assaults were recorded in 2016, with the number and severity of nil attacks being
significantly higher than previously. More and more businesses are becoming exposed to
Internet-based assaults and invasions. An incursion or assault is "any collection of acts that
seek to violate the security goals." Availability, Transparency, Anonymity, Equity, and
Assurance are all critical security concerns (Gill & Gill 2018). Intruders are divided into four
types: exploring, disruption of access, user-to-root, and remote-to-user assaults. A lot of anti-
intrusion technologies have been developed to prevent a significant percentage of Internet
assaults. According to (Gmiden et al. 2019), intrusion detection systems are one of six anti-
Artificial Intelligence-Based Intrusion Detection System
Cyberattacks in today's enterprise environments is enormous, and it's just becoming bigger.
As a result, monitoring and strengthening a company's cybersecurity posture requires more
than just human intervention.
The goal of a network intrusion detection is to detect and track hostile activity. The majority
of existing IDSs fall into one of two groups. They are signature-based and anomaly-based
intrusion detection systems. A signature-based intrusion detection attempts to identify
intrusions by matching previously known assaults with incoming traffic. These intrusions are
kept in the database like a signature. Intrusion detection system detects existing assaults well,
but it frequently fails to detect fresh threats. The following category is known as anomaly-
based intrusion detection systems (IDS). Furthermore, there have been an existence of an
upsurge in security concerns like nil attacks targeting internet users. As a result, computer
security is becoming increasingly important as the usage of information technology has been
ingrained in our everyday lives. for that reason, negligible attacks have had a substantial
impact on countries like Australia and the United States. As per the Threat Report, over three
billion nil assaults were recorded in 2016, with the number and severity of nil attacks being
significantly higher than previously. More and more businesses are becoming exposed to
Internet-based assaults and invasions. An incursion or assault is "any collection of acts that
seek to violate the security goals." Availability, Transparency, Anonymity, Equity, and
Assurance are all critical security concerns (Gill & Gill 2018). Intruders are divided into four
types: exploring, disruption of access, user-to-root, and remote-to-user assaults. A lot of anti-
intrusion technologies have been developed to prevent a significant percentage of Internet
assaults. According to (Gmiden et al. 2019), intrusion detection systems are one of six anti-
Artificial Intelligence-Based Intrusion Detection System3
intrusion systems, including prevention, preemption, deterrent, diversion, surveillance, and
remedies. The flawless detection of an incursion is the most critical of these elements. In
section two, intrusion detection systems using AI-based approaches will be discussed.
Some Intrusion detection systems were created using a single classification approach, while
others used several classification methods (Aloqaily, et al 2019). Nevertheless, there is no
complete assessment of these intrusion detection algorithms.
The purpose of this study is threefold. The first goal is to provide a short primer to intrusion
detection systems, intrusion detection system construction, and intrusion detection system
categorization. The paper's second goal is to present a study of previous research on AI-based
strategies for intrusion detection by investigating the origin of data sets, computation
requirements, classification methodology employed, classifier architecture, dataset,
segmentation techniques, and other experimentation setting setups. This article focuses on the
fundamental Methodologies, which include Decision Tree, Support Vector Machine (SVM),
Rule-Based, Fuzzy Logic, Data Mining, Genetic Algorithm, Neural Network (NN), Bayesian
Network, Markov model, and clustering techniques.
Intrusion Detection System
One of the standardized parts of protection systems is an intrusion detection system, which is
described as "an effective cybersecurity technology that can identify, mitigate, and perhaps
respond to computer threats." It examines target activity sources in system or computer
devices, such as audit and communication traffic information, and employs different
methodologies to deliver security agencies (Smys, et al 2020). The primary goal of intrusion
detection systems is to identify all intrusions as quickly as possible. The use of intrusion
detection systems enables network managers to discover objective security breaches. External
attackers attempting to obtain unlawful access to system security architecture or rendering
intrusion systems, including prevention, preemption, deterrent, diversion, surveillance, and
remedies. The flawless detection of an incursion is the most critical of these elements. In
section two, intrusion detection systems using AI-based approaches will be discussed.
Some Intrusion detection systems were created using a single classification approach, while
others used several classification methods (Aloqaily, et al 2019). Nevertheless, there is no
complete assessment of these intrusion detection algorithms.
The purpose of this study is threefold. The first goal is to provide a short primer to intrusion
detection systems, intrusion detection system construction, and intrusion detection system
categorization. The paper's second goal is to present a study of previous research on AI-based
strategies for intrusion detection by investigating the origin of data sets, computation
requirements, classification methodology employed, classifier architecture, dataset,
segmentation techniques, and other experimentation setting setups. This article focuses on the
fundamental Methodologies, which include Decision Tree, Support Vector Machine (SVM),
Rule-Based, Fuzzy Logic, Data Mining, Genetic Algorithm, Neural Network (NN), Bayesian
Network, Markov model, and clustering techniques.
Intrusion Detection System
One of the standardized parts of protection systems is an intrusion detection system, which is
described as "an effective cybersecurity technology that can identify, mitigate, and perhaps
respond to computer threats." It examines target activity sources in system or computer
devices, such as audit and communication traffic information, and employs different
methodologies to deliver security agencies (Smys, et al 2020). The primary goal of intrusion
detection systems is to identify all intrusions as quickly as possible. The use of intrusion
detection systems enables network managers to discover objective security breaches. External
attackers attempting to obtain unlawful access to system security architecture or rendering
Artificial Intelligence-Based Intrusion Detection System4
resources inaccessible to insiders misusing their administrator privileges are examples of
security goal violations. Several IDS architectures have been presented as the number of
computer assaults has grown over time. According to (Nisioti et al. 2018), standard IDS
components include the following: The identity to be watched for incursions is the Internet. It
might be a solitary host or a chain. The computing and storage unit oversees the gathering of
data from various events, converting it into the correct format, and storing it on disk. IDS'
brain is the data analysis and processing unit. It includes all the capabilities required to detect
unusual activity in attack flow. When an assault is detected, a signal is generated. Depending
on the kind of intrusion detection systems, the system may take action to resolve the issue
directly, or a signal may be sent to the system administrator to take necessary action; Signal:
This section of the network processes all IDS information. The result might be an automatic
reaction to an invasion or a harmful behavior warning for an information security manager.
Intrusion Detection Techniques
Many strategies from various fields have been used in the literature to identify intrusions.
Statistical approaches, knowledge-based strategies, and artificial intelligence (AI)-based
methods are the most common. The state of the system is depicted from a randomized
perspective in statistics-based intrusion detection systems. On the other extreme, knowledge-
based intrusion detection approaches attempt to extract the asserted behavior from accessible
system data (protocol specifications, network traffic instances, etc.). Lastly, AI-based IDS
approaches need the creation of a direct or indirect framework that enables anomalies to be
classified (Hajiheidari et al., 2019).
resources inaccessible to insiders misusing their administrator privileges are examples of
security goal violations. Several IDS architectures have been presented as the number of
computer assaults has grown over time. According to (Nisioti et al. 2018), standard IDS
components include the following: The identity to be watched for incursions is the Internet. It
might be a solitary host or a chain. The computing and storage unit oversees the gathering of
data from various events, converting it into the correct format, and storing it on disk. IDS'
brain is the data analysis and processing unit. It includes all the capabilities required to detect
unusual activity in attack flow. When an assault is detected, a signal is generated. Depending
on the kind of intrusion detection systems, the system may take action to resolve the issue
directly, or a signal may be sent to the system administrator to take necessary action; Signal:
This section of the network processes all IDS information. The result might be an automatic
reaction to an invasion or a harmful behavior warning for an information security manager.
Intrusion Detection Techniques
Many strategies from various fields have been used in the literature to identify intrusions.
Statistical approaches, knowledge-based strategies, and artificial intelligence (AI)-based
methods are the most common. The state of the system is depicted from a randomized
perspective in statistics-based intrusion detection systems. On the other extreme, knowledge-
based intrusion detection approaches attempt to extract the asserted behavior from accessible
system data (protocol specifications, network traffic instances, etc.). Lastly, AI-based IDS
approaches need the creation of a direct or indirect framework that enables anomalies to be
classified (Hajiheidari et al., 2019).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Data Mining and Machine Learning in Cybersecurity - Book by Sumeet Dua and Xian Dulg...
|6
|1077
|55
Risk management plan – single risk Company name: MyHealth.lg...
|2
|432
|40