Published June 2024 | Version Pre-print
Conference paper Open

A Network-based Intrusion Detection System based on widely used Cybersecurity Datasets and State of the Art ML techniques

  • 1. ROR icon Institute of Communication and Computer Systems
  • 2. Institute of Communication and Computer Systems (ICCS)

Description

Modern software systems consist of several entities that interact among each other through the Web, and hence are vulnerable to potential mali-cious activities. Intrusion Detection Systems (IDS) intend to monitor such sys-tems and/or their sub-systems, including the network infrastructure, and identify malicious user behaviour on time, so that the appropriate measures can be taken to protect the relevant entities or mitigate the consequences. However, user be-haviour is often quite complicated and cannot be captured by simple rules. Ma-chine Learning (ML) techniques provide the means for automatically detecting potential intrusions based on previously collected data. In this article, a Net-work-based IDS is presented, which can detect several network attacks through the usage of ML techniques and relevant frameworks. The publicly available cybersecurity datasets that were used in this work are introduced and their con-tribution for intrusion detection purposes is evaluated. Also, the approach fol-lowed for dealing with false alarms and new attack types is presented and the relevant findings are discussed.

Files

aiai2024_paper_59.pdf

Files (1.1 MB)

Name Size Download all
md5:9c99288eed240c92f96a93ff67abf281
1.1 MB Preview Download

Additional details

Funding

European Commission
DATA Monetization, Interoperability, Trading & Exchange Grant agreement ID: 101092989