Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems

Murat Koca; İsa Avcı

doi:10.53433/yyufbed.1545033

EN TR

Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems

Öz

Given the increasing complexity and progress of intrusion attacks, effective intrusion detection systems have become crucial to protecting networks. Machine learning methods have become a potential strategy for identifying and reducing such attacks. This paper has conducted a comprehensive analysis of intrusion detection using machine learning methodologies. The aim is to thoroughly examine the current state of research, identify the barriers, and highlight potential solutions in this field. The study begins by analyzing the importance of intrusion detection and the limitations of traditional rule-based systems. Afterward, it explores the underlying principles and concepts of machine learning and how they are practically applied in the field of intrusion detection. This paper provides a comprehensive analysis of different machine learning algorithms, such as decision trees, neural networks, support vector machines, and ensemble methods. The primary objective of this study is to assess the effectiveness and limitations of employing these techniques for identifying various forms of intrusions. Three algorithms are used to classify the NSL-KDD dataset, namely Cascade Backpropagation Neural Networks (CBPNN), Layered Recurrent Neural Networks (LRNN), and Forward-Backward Propagation Neural Networks (FBPNN). Results have shown that CBPNN outperformed by achieving 95% accuracy.

Anahtar Kelimeler

CBPNN, Cyber security, FBPNN, Intrusion detection systems (IDS), Logistic regression, Machine learning

Ağ Güvenliğini Geliştirme: Saldırı Algılama Sistemlerinin Kapsamlı Analizi

Öz

Siber saldırılarının artan karmaşıklığı ve ilerlemesi göz önüne alındığında, etkili saldırı tespit sistemlerinin varlığı ağ güvenliğinin önemli bir bileşeni haline gelmiştir. Makine öğrenimi yöntemleri, bu tür saldırıları belirlemek ve azaltmak için potansiyel bir strateji haline gelmiştir. Bu makale, makine öğrenimi tekniklerini kullanarak saldırı tespitinin kapsamlı bir incelemesini gerçekleştirmiştir. Amaç, mevcut araştırma durumunun kapsamlı bir analizini sunmak, engelleri belirlemek ve bu alandaki olası çözümleri vurgulamaktır. Makale, saldırı tespitinin önemini ve geleneksel kural tabanlı sistemlerin kısıtlamalarını inceleyerek başlamaktadır. Ardından, makine öğreniminin temel fikirleri ve kavramları ile saldırı tespiti alanındaki pratik uygulamalarına derinlemesine inmektedir. Bu çalışmada, karar ağaçları, sinir ağları, destek vektör makineleri ve topluluk yöntemleri dahil olmak üzere çeşitli makine öğrenimi algoritmalarının kapsamlı bir incelemesi sunulmaktadır. Bu çalışmanın temel amacı, farklı saldırı türlerini tespit etmek için bu yöntemleri kullanmanın etkinliğini ve kısıtlamalarını incelemektir. NSL-KDD veri setini sınıflandırmak için üç algoritma kullanılmıştır: Basamaklı Geri Yayılımlı Sinir Ağları (CBPNN), Katmanlı Tekrarlayan Sinir Ağı (LRNN) ve İleri-Geri Yayılımlı Sinir Ağları (FBPNN). Yapılan çalışma sonucunda, CBPNN'nin %95 doğruluk elde ederek daha iyi performans gösterdiğini göstermiştir.

Anahtar Kelimeler

CBPNN, FBPNN, Lojistik regresyon, Makine öğrenmesi, Saldırı tespit sistemleri (IDS), Siber güvenlik

Kaynakça

Alazab, M., Venkatraman, S., Watters, P., & Alazab, M. (2011). Zero-day malware detection based on supervised learning algorithms of API call signatures. AusDM, 11, 171-182.
Avcı, İ., & Koca, M. (2023). Cybersecurity attack detection model, using machine learning techniques. Acta Polytechnica Hungarica, 20(7), 2023–2052.
Bahlali, A. R., & Bachir, A. (2023). Machine learning anomaly-based network ıntrusion detection: experimental evaluation. Lecture Notes in Networks and Systems, 654 LNNS, 392–403. https://doi.org/10.1007/978-3-031-28451-9_34
Bengio, Y., Simard, P., & Frasconi, P. (1994). Learning long-term dependencies with gradient descent is difficult. IEEE Transactions on Neural Networks, 5(2), 157-166. https://doi.org/10.1109/72.279181
Biermann, E., Cloete, E., & Venter, L. M. (2001). A comparison of intrusion detection systems. Computers & Security, 20(8), 676–683. https://doi.org/10.1016/S0167-4048(01)00806-9
Can, O., & Sahingoz, O. K. (2015). A survey of intrusion detection systems in wireless sensor networks. 6th International Conference on Modeling, Simulation, and Applied Optimization, ICMSAO 2015 - Dedicated to the Memory of Late Ibrahim El-Sadek. https://doi.org/10.1109/ICMSAO.2015.7152200
Çakmak, M., Albayrak, Z., & Torun, C. (2021). Performance comparison of queue management algorithms in LTE networks using NS-3 simulator. Technical Gazette, 28(1), 135-142. https://doi.org/10.17559/TV-20200411071703
Eskin, E., Arnold, A., Prerau, M., Portnoy, L., & Stolfo, S. (2002). A geometric framework for unsupervised anomaly detection.In Barbará, D., Jajodia, S. (Eds). Applications of data mining in computer security. Advances in Information Security, vol 6. (pp. 77–101). Springer, Boston. https://doi.org/10.1007/978-1-4615-0953-0_4
Gao, Y., Li, X., Peng, H., Fang, B., & Philip, S. Y. (2020). Hincti: A cyber threat intelligence modeling and identification system based on heterogeneous information network. IEEE Transactions on Knowledge and Data Engineering, 34(2), 708–722. https://doi.org/10.1109/TKDE.2020.2987019
García-Teodoro, P., Díaz-Verdejo, J., Maciá-Fernández, G., & Vázquez, E. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers & Security, 28(1–2), 18–28. https://doi.org/10.1016/J.COSE.2008.08.003

Ghosh, A., & Schwartzbard, A. (1999). A study in using neural networks for anomaly and misuse detection. Usenix.OrgAK Ghosh, A Schwartzbard8th USENIX Security Symposium (USENIX Security 99).
Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019). Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity, 2(1), 1–22. https://doi.org/10.1186/s42400-019-0038-7
Koca, M., Aydin, M., Sertbaş, A., & Zaim A. (2021). A new distributed anomaly detection approach for log IDS management based ondeep learning. Turkish Journal of Electrical Engineering and Computer Sciences, 29(5), 2486–2501. https://doi.org/10.3906/elk-2102-89
Liu, Y., Jing, W., & Xu, L. (2016). Cascading model based back propagation neural network in enabling precise classification. 2016 12th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery, ICNC-FSKD 2016, 7–11. https://doi.org/10.1109/FSKD.2016.7603142
McHugh, J. (2000). Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Transactions on Information and System Security (TISSEC), 3(4), 262-294. https://doi.org/10.1145/382912.382923
Mitchell, R., & Chen, I. R. (2014). A survey of intrusion detection in wireless network applications. Computer Communications, 42, 1–23. https://doi.org/10.1016/J.COMCOM.2014.01.012
Ozalp, A. N., & Albayrak, Z. (2022). Detecting cyber attacks with high-frequency features using machine learning algorithms. Acta Polytechnica Hungarica, 19(7), 2022–2213. https://doi.org/10.12700/APH.19.7.2022.7.12
Rahul-Vigneswaran, K., Poornachandran, P., & Soman, K. (2020). A compendium on network and host based intrusion detection systems. Lecture Notes in Electrical Engineering, 601, 23–30. https://doi.org/10.1007/978-981-15-1420-3_3
Rai, S. (2019). NSL-KDD dataset [Dataset]. Kaggle. Access date: 26.12.2024. https://www.kaggle.com/datasets/sanketrai/nslkdd-dataset
Sommer, R., & Paxson, V. (2010). Outside the closed world: On using machine learning for network intrusion detection. Proceedings - IEEE Symposium on Security and Privacy, 305–316. https://doi.org/10.1109/SP.2010.25
Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. (2009). A detailed analysis of the KDD CUP 99 data set. Second IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA), 1–6. https://doi.org/10.1109/CISDA.2009.5356528
Yonan, J., & Zahra, N. (2023). Node intrusion tendency recognition using network level features based deep learning approach. Babylonian Journal of Networking, 2023, 1–10. https://doi.org/10.58496/BJN/2023/001
Zhang, Y., Huang, H., He, H., Teng, J., & Wang, Z. (2015). Efficient distributed semantic based data and service unified discovery with one-dimensional semantic space. Journal of Network and Computer Applications, 49, 78–87. https://doi.org/10.1016/J.JNCA.2014.11.008

Ayrıntılar

Birincil Dil

İngilizce

Konular

Bilgi Güvenliği Yönetimi, Bilgi Sistemleri Eğitimi

Bölüm

Araştırma Makalesi

Yazarlar

Murat Koca ^*
0000-0002-6048-7645
Türkiye

İsa Avcı
0000-0001-7032-8018
Türkiye

Yayımlanma Tarihi

31 Aralık 2024

Gönderilme Tarihi

7 Eylül 2024

Kabul Tarihi

26 Eylül 2024

Yayımlandığı Sayı

Yıl 2024 Cilt: 29 Sayı: 3

DOI

https://doi.org/10.53433/yyufbed.1545033

IZ

https://izlik.org/JA99PN66CU

APA

Koca, M., & Avcı, İ. (2024). Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems. Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi, 29(3), 927-938. https://doi.org/10.53433/yyufbed.1545033

AMA

1.Koca M, Avcı İ. Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems. YYUFBED. 2024;29(3):927-938. doi:10.53433/yyufbed.1545033

Chicago

Koca, Murat, ve İsa Avcı. 2024. “Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems”. Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi 29 (3): 927-38. https://doi.org/10.53433/yyufbed.1545033.

EndNote

Koca M, Avcı İ (01 Aralık 2024) Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems. Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi 29 3 927–938.

IEEE

[1]M. Koca ve İ. Avcı, “Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems”, YYUFBED, c. 29, sy 3, ss. 927–938, Ara. 2024, doi: 10.53433/yyufbed.1545033.

ISNAD

Koca, Murat - Avcı, İsa. “Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems”. Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi 29/3 (01 Aralık 2024): 927-938. https://doi.org/10.53433/yyufbed.1545033.

JAMA

1.Koca M, Avcı İ. Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems. YYUFBED. 2024;29:927–938.

MLA

Koca, Murat, ve İsa Avcı. “Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems”. Yüzüncü Yıl Üniversitesi Fen Bilimleri Enstitüsü Dergisi, c. 29, sy 3, Aralık 2024, ss. 927-38, doi:10.53433/yyufbed.1545033.

Vancouver

1.Murat Koca, İsa Avcı. Enhancing Network Security: A Comprehensive Analysis of Intrusion Detection Systems. YYUFBED. 01 Aralık 2024;29(3):927-38. doi:10.53433/yyufbed.1545033