دانلود رایگان مقاله انگلیسی سیستم های تشخیص نفوذ هوشمند با استفاده از شبکه های عصبی مصنوعی - الزویر 2018

عنوان فارسی
سیستم های تشخیص نفوذ هوشمند با استفاده از شبکه های عصبی مصنوعی
عنوان انگلیسی
Intelligent intrusion detection systems using artificial neural networks
صفحات مقاله فارسی
0
صفحات مقاله انگلیسی
5
سال انتشار
2018
نشریه
الزویر - Elsevier
فرمت مقاله انگلیسی
PDF
کد محصول
E8152
رشته های مرتبط با این مقاله
مهندسی کامپیوتر، فناوری اطلاعات
گرایش های مرتبط با این مقاله
هوش مصنوعی، امنیت اطلاعات، شبکه های کامپیوتری
مجله
فناوری اطلاعات و ارتباطات بیان - ICT Express
دانشگاه
Department of Engineering and Mathematics - Sheffield Hallam University - Sheffield - UK
کلمات کلیدی
یادگیری ماشین؛ سیستم های تشخیص نفوذ؛ امنیت کامپیوتر؛ هوش مصنوعی
۰.۰ (بدون امتیاز)
امتیاز دهید
چکیده

Abstract


This paper presents a novel approach to detection of malicious network traffic using artificial neural networks suitable for use in deep packet inspection based intrusion detection systems. Experimental results using a range of typical benign network traffic data (images, dynamic link library files, and a selection of other miscellaneous files such as logs, music files, and word processing documents) and malicious shell code files sourced from the online exploit and vulnerability repository exploitdb [1], have shown that the proposed artificial neural network architecture is able to distinguish between benign and malicious network traffic accurately. The proposed artificial neural network architecture obtains an average accuracy of 98%, an average area under the receiver operator characteristic curve of 0.98, and an average false positive rate of less than 2% in repeated 10-fold cross-validation. This shows that the proposed classification technique is robust, accurate, and precise. The novel approach to malicious network traffic detection proposed in this paper has the potential to significantly enhance the utility of intrusion detection systems applied to both conventional network traffic analysis and network traffic analysis for cyber–physical systems such as smart-grids.

نتیجه گیری

4. Conclusions and further work


The intelligent intrusion detection system outlined in this paper significantly improves upon the performance of signature based detection methods by utilising an artificial neural network classifier for the identification of shellcode patterns in network traffic. The ANN based classifier not only achieves perfect sensitivity on the test dataset (identifying all instances of shellcode), it also exhibits excellent precision (minimising the number of false positives identified). The performance of the proposed approach was then further evaluated with respect to the false positive rate by testing on an extremely large (400,000 samples) set of benign network traffic file content — where the proposed approach achieved a false positive rate of less than 2%. Minimising the false positive rate is a major concern for the application of network intrusion systems in the real-world, as high levels of false positives result in an extremely poor signalto-noise ratio and often render the system useless.


The research presented in this paper describes an offline approach to detecting shellcode patterns within data. Work is currently ongoing to integrate the approach proposed in this paper into online network intrusion detection systems and to test on real-time network data, with further real-time optimisations for live network traffic an active area of development. Another area identified for further work is the application of the intelligent approach to intrusion detection outlined here to other areas of network security such as the detection of cross-site scripting attacks and SQL injection attacks on web applications.


بدون دیدگاه