Citation
Salah, Mohammad
(2017)
A comparison of different technique in flow based anomaly detection.
Masters thesis, Universiti Putra Malaysia.
Abstract
By performing network traffic analyzing in different datasets, Intrusion Detection Systems (IDS) that works based on anomaly techniques learn the pattern of anomalous and normal behavior. The huge data size in IDSs dataset to process is known as the trend challenge. It causes high false alarms rates and low rates of detection. In this proposal, a new method which functions based on the Online Sequential Extreme Learning Machine (OS-ELM) is introduced for detecting intrusions in the network. Our proposed method detect anomaly by using alpha profiling technique and by utilizing a group of filtered, feature selection techniques based on Consistency and Correlation has eliminated the inappropriate features. Beta profiling technique has been used in order to decrease the training dataset’s size, as an alternative for sampling technique. In order to evaluate the efficiency of the proposed method we used the standard version of Network Security Laboratory-Knowledge Discovery and Data Mining (NSL-KDD2009) dataset. According to the primary achieved results from our experiments, it is assumed that our proposed IDS method can achieve lower rate of false positive and higher accuracy when using NSL-KDD dataset. It can also be seen that our proposed method is more eƥcient than conventional methods in intrusion detection.
Download File
Additional Metadata
Actions (login required)
|
View Item |