Title: Reduction of false positives in network intrusion detection using a hybrid classification approach
Authors: H.M. Shreevyas; G.K. Ravikumar; B.N. Shobha
Addresses: Department of Computer Science and Engineering, BGS Institute of Technology, B.G. Nagar, Karnataka, India; Department of Computer Science and Engineering, BGS Institute of Technology, B.G. Nagar, Karnataka, India; Department of Electronics and Communication Engineering, Sri Jagadguru Chandrasekaranathaswamiji (SJC) Institute of Technology, Chickballapur, Karnataka, India
Abstract: The effective detection of distributed denial of service attacks is still a challenging task, and the impact of such attacks is usually harmful. According to recent studies, there has been a perception that machine learning can have a remarkable impact on network security, mainly in network traffic analysis. It is useful to study and analyse network traffic behaviour consistently using large, real-time datasets and to train on them to build a network model using advanced machine learning techniques. These techniques are capable of detecting both known and unknown attacks. Here, we propose a hybrid classifier model which can detect both known and unknown attacks by using two stage classifiers. The results obtained on benchmark datasets indicate that the proposed model is a highly useful classifier for detecting different types of transmission control protocol flooding-based distributed denial of service attacks with a reduced number of false positives.
Keywords: cyber security; network intrusion detection; distributed denial of service attack; Naive Bayes classifier; Hidden Markov model; decision tree.
DOI: 10.1504/IJVICS.2022.122565
International Journal of Vehicle Information and Communication Systems, 2022 Vol.7 No.2, pp.199-209
Received: 05 Aug 2020
Accepted: 13 May 2021
Published online: 03 May 2022