TY  - JOUR
T1  - Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems
TT  - Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems
AU  - Koca, Murat
AU  - Avcı, İsa
PY  - 2024
DA  - December
Y2  - 2024
DO  - 10.53433/yyufbed.1545033
JF  - Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi
JO  - YYU JINAS
PB  - Van Yuzuncu Yıl University
WT  - DergiPark
SN  - 1300-5413
SP  - 927
EP  - 938
VL  - 29
IS  - 3
LA  - en
AB  - Given the increasing complexity and progress of intrusion attacks, effective intrusion detection systems have become crucial to protecting networks. Machine learning methods have become a potential strategy for identifying and reducing such attacks. This paper has conducted a comprehensive analysis of intrusion detection using machine learning methodologies. The aim is to thoroughly examine the current state of research, identify the barriers, and highlight potential solutions in this field. The study begins by analyzing the importance of intrusion detection and the limitations of traditional rule-based systems. Afterward, it explores the underlying principles and concepts of machine learning and how they are practically applied in the field of intrusion detection. This paper provides a comprehensive analysis of different machine learning algorithms, such as decision trees, neural networks, support vector machines, and ensemble methods. The primary objective of this study is to assess the effectiveness and limitations of employing these techniques for identifying various forms of intrusions. Three algorithms are used to classify the NSL-KDD dataset, namely Cascade Backpropagation Neural Networks (CBPNN), Layered Recurrent Neural Networks (LRNN), and Forward-Backward Propagation Neural Networks (FBPNN). Results have shown that CBPNN outperformed the other two, achieving 95% accuracy.
KW  - CBPNN
KW  - Cyber security
KW  - FBPNN
KW  - Intrusion detection systems (IDS)
KW  - Logistic regression
KW  - Machine learning
N2  - Given the increasing complexity and progress of cyber attacks, the existence of effective intrusion detection systems has become an important component of network security. Machine learning methods have become a potential strategy for identifying and reducing such attacks. This paper has carried out a comprehensive review of intrusion detection using machine learning techniques. The aim is to present a comprehensive analysis of the current state of research, identify the barriers, and highlight possible solutions in this field. The paper begins by examining the importance of intrusion detection and the limitations of traditional rule-based systems. It then goes into the fundamental ideas and concepts of machine learning and their practical applications in the field of intrusion detection. This study presents a comprehensive review of various machine learning algorithms, including decision trees, neural networks, support vector machines, and ensemble methods. The main aim of this study is to examine the effectiveness and limitations of using these methods to detect different types of attacks. Three algorithms were used to classify the NSL-KDD dataset: Cascade Backpropagation Neural Networks (CBPNN), Layered Recurrent Neural Network (LRNN), and Forward-Backward Propagation Neural Networks (FBPNN). The study showed that CBPNN performed better, achieving 95% accuracy.
UR  - https://doi.org/10.53433/yyufbed.1545033
L1  - https://dergipark.org.tr/en/download/article-file/4197018
ER  - 