Supervised Machine Learning Algorithms For Intrusion Detection

Prepared by: Roaa Almadani
INTRODUCTION
● Intrusion detection systems that use supervised machine learning algorithms are considered one of the most important tools in the field of information security. These systems analyze data and detect illegal activities and intrusions into networks and systems. They rely on machine learning techniques to classify data as either normal activity or a hack. They include training and testing phases, in which the algorithms are trained on a set of pre-labeled data to learn the natural pattern of the data and distinguish between normal activities and intrusions. Many supervised machine learning algorithms are available for intrusion detection systems, such as Gaussian Naive Bayes, Decision Tree, Random Forest, Support Vector Machine, and Logistic Regression.
PROBLEM & SOLUTION
● The problem of security and cyber intrusions targeting networks is one of the biggest issues that organizations face today.
● To solve this problem, intrusion detection systems (IDS) and their tools can be used to detect and prevent these threats.
● Intrusion detection systems are promising as they monitor the network for malicious or policy-violating activities.
IMPORTANCE & OBJECTIVES
IMPORTANCE
● Improving systems security
● Improve detection accuracy
● Improve forecasting and analysis
● Detect hacks faster
OBJECTIVES
● Detect advanced threats: Able to analyze huge amounts of data and detect patterns and anomalous behaviors that may indicate attacks or hacks.
● Improve efficiency and accuracy: It learns from available data and improves itself over time, reducing the number of false alarms and increasing the system's ability to recognize real attacks.
● Immediate response: Able to analyze data in real time and take immediate corrective action to prevent attacks from escalating and minimize the damage that could occur.
● Continuous protection: It continuously monitors the network and analyzes data, allowing early detection of breaches and taking the necessary measures to prevent their escalation.
APPLICATIONS & METHODS
Application in the real world.
● Detect coordinated attacks: The system can learn from historical data, identify suspicious patterns, and warn of potential attacks.
● Classification of network loads: The system can learn from historical data, identify distinct features of each category, and use them to accurately classify network load.
● Detect new intrusions: The system can learn from previous attacks, identify common features of these attacks, and use them to detect future attacks.
● Analysis of abnormal behavior: The system can learn from normal and abnormal patterns and identify and warn against illegal behavior.
NEWLY IMPLEMENTED MODELS
Decision Tree Model
● This model is used to classify data and make decisions based on a series of conditional rules.
● The model is trained on a data set containing examples of normal and hacked activities.
● The model is used to classify new activities and determine whether they constitute a breach or not.
Random Forest Model
● This model is considered a development of the decision tree model, as it uses a set of decision trees to classify data.
● The model is trained on a data set containing examples of normal and hacked activities.
● The model uses a set of decision trees to classify new activities and determine whether they constitute a breach or not.
Support Vector Machine Model
● This model is used to classify data based on creating dividing lines between different categories.
● The model is trained on a data set containing examples of normal and hacked activities.
● The model uses thresholds to classify new activities and determine whether they constitute a breach or not.
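
As an added illustration of the Decision Tree and Random Forest models described above (not code from the presentation), this sketch learns conditional rules from labelled flow records by minimising Gini impurity and combines three trees by majority vote. The records, feature names and the fixed per-tree feature subsets are assumptions; a real Random Forest draws rows and features at random.

```python
from collections import Counter

# Constructed, labelled flow records (not real traffic):
# (bytes_sent, failed_logins, conns_last_min) -> 0 = normal, 1 = intrusion
TRAIN = [
    ((3400, 0, 3), 0), ((9800, 0, 5), 0), ((1200, 1, 2), 0), ((7600, 0, 4), 0),
    ((150, 6, 40), 1), ((90, 9, 55), 1), ((200, 0, 70), 1), ((8800, 7, 3), 1),
]

def gini(rows):
    """Gini impurity of the labels in rows; 0.0 means the node is pure."""
    counts = Counter(label for _, label in rows)
    return 1.0 - sum((c / len(rows)) ** 2 for c in counts.values())

def best_split(rows, features):
    """Return (weighted impurity, feature, threshold) of the purest split, or None."""
    best = None
    for f in features:
        values = sorted({x[f] for x, _ in rows})
        for lo, hi in zip(values, values[1:]):   # midpoints between observed values
            t = (lo + hi) / 2
            left = [r for r in rows if r[0][f] <= t]
            right = [r for r in rows if r[0][f] > t]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(rows)
            if best is None or score < best[0]:
                best = (score, f, t)
    return best

def build_tree(rows, features, depth=3):
    """Nested (feature, threshold, left, right) rules; a leaf is a bare label."""
    labels = Counter(label for _, label in rows)
    split = best_split(rows, features) if depth and len(labels) > 1 else None
    if split is None:
        return labels.most_common(1)[0][0]
    _, f, t = split
    kids = [[r for r in rows if (r[0][f] <= t) == side] for side in (True, False)]
    return (f, t) + tuple(build_tree(k, features, depth - 1) for k in kids)

def predict(tree, x):
    while isinstance(tree, tuple):               # walk the conditional rules
        f, t, left, right = tree
        tree = left if x[f] <= t else right
    return tree

def forest_predict(trees, x):                    # majority vote of the trees
    return Counter(predict(t, x) for t in trees).most_common(1)[0][0]

# Assumption: fixed feature subsets stand in for a Random Forest's random sampling.
FOREST = [build_tree(TRAIN, fs) for fs in [(0, 1), (1, 2), (0, 2)]]
```

On the constructed flow `(5000, 8, 3)`, which has many failed logins but ordinary volume and connection count, the tree limited to `bytes_sent` and `conns_last_min` votes normal, while the majority vote of all three trees still classifies it as an intrusion.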
METHODS USED
● 01 Enemy analysis: The enemy is understood by identifying the origin of the attack, the entities involved, motives and sponsors, and the timeline of activities.
● 02 Infrastructure analysis: The infrastructure used by the attackers is exposed, which includes compromised systems, control servers, data management tactics, and data leakage paths.
● 03 Capacity analysis: Attackers' ability is assessed to gain insight into their skills and development.
● 04 Victim analysis: Targeted victims are identified and the attackers' ultimate goal is determined.
Opportunities to apply in the current environment.
● 01 Gini Impurity-based Weighted Random Forest (GIWRF)
● 02 Ensemble-Learning Framework for Intrusion Detection
● 03 Deep Neural Network (DNN) for Intrusion Detection
CHALLENGE
● Understand the theory and basic concepts: Before researching supervised machine learning algorithms for intrusion detection, you must understand the basic theory and concepts of machine learning and supervised learning and how to apply them in the field of intrusion detection.
● Collect and analyze data: The need to collect a large set of intrusion-related data and use it to train models.
● Technical challenges: There are some technical challenges while carrying out the research, such as computing power, available resources, programming, and dealing with big data.