Research and development automatically generate detection rules for IDS based on machine learning technology

Authors

  • Nguyen Huy Trung People's Security Academy
  • Le Hai Viet People's Security Academy
  • Tran Duc Thang Institute of Information Technology, Vietnam Academy of Science and Technology

DOI:

https://doi.org/10.54654/isj.v2i14.203

Keywords:

Machine Learning, Network Security, Intrusion Detection System

Tóm tắt

AbstractNowadays, there have been many signature-based intrusion detection systems deployed and widely used. These systems are capable of detecting known attacks with low false alarm rates, fast detection times, and little system resource requirements. However, these systems are less effective against new attacks that are not included in the ruleset. In addition, recent studies provide a new approach to the problem of detecting unknown types of network attacks based on machine learning and deep learning. However, this new approach requires a lot of resources, processing time and has a high false alarm rate. Therefore, it is necessary to find a solution that combines the advantages of the two approaches above in the problem of detecting network attacks. In this paper, the authors present a method to automatically generate network attack detection rules for the IDS system based on the results of training machine learning models. Through testing, the author proves that the system that automatically generates network attack detection rules for IDS based on machine learning meets the requirements of increasing the ability to detect new types of attacks, ensuring automatic effective updates of new signs of network attacks.

Downloads

Download data is not yet available.

Downloads

Abstract views: 138 / PDF downloads: 100

Published

2022-01-14

How to Cite

Trung, N. H., Viet, L. H., & Thang, T. D. (2022). Research and development automatically generate detection rules for IDS based on machine learning technology. Journal of Science and Technology on Information Security, 2(14), 45-54. https://doi.org/10.54654/isj.v2i14.203

Issue

Section

Papers