Intrusion Detection with Machine Learning Techniques: Comparative Analysis

The Internet is an indispensable part of our daily lives. The growing number of web applications and users has brought certain risks for data security. Intrusion detection systems, one of the important tools for network security, are used successfully to detect attacks on secure internal networks and unexpected access requests. Today, many researchers are working to build more effective intrusion detection systems, and the literature contains many intrusion detection systems built with different machine learning techniques. In this study, the machine learning techniques frequently used in intrusion detection systems are surveyed, and the classifiers and datasets they use and the results they achieve are evaluated. To this end, 65 articles published between 2007 and 2013 in national and international journals indexed by SCI, SCI Expanded and EBSCO were examined, and the results are presented comparatively. Thus, the study aims to provide a perspective for future work on intrusion detection with machine learning techniques.
