Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches
Author: | Roberto Magán-Carrión, Daniel Urda, Bernabé Dorronsoro, Ignacio Diaz-Cano |
---|---|
Contributors: | Ingeniería en Automática, Electrónica, Arquitectura y Redes de Computadores, Ingeniería Informática |
Language: | English |
Publication year: | 2020 |
Subject: | communications networks; Computer science; 02 engineering and technology; Machine learning; computer.software_genre; lcsh:Technology; Task (project management); lcsh:Chemistry; Research community; 0202 electrical engineering electronic engineering information engineering; General Materials Science; Network intrusion detection; Instrumentation; lcsh:QH301-705.5; Informática; Fluid Flow and Transfer Processes; business.industry; lcsh:T; Process Chemistry and Technology; NIDS; General Engineering; 020206 networking & telecommunications; Network attack; Usability; methodology; Structured methodology; lcsh:QC1-999; Computer Science Applications; machine learning; lcsh:Biology (General); lcsh:QD1-999; lcsh:TA1-2040; 020201 artificial intelligence & image processing; Artificial intelligence; business; lcsh:Engineering (General). Civil engineering (General); computer attack detection; lcsh:Physics; network intrusion detection |
Source: | Applied Sciences, Volume 10, Issue 5; Applied Sciences, Vol 10, Iss 5, p 1775 (2020); Appl. Sci. 2020, 10(5), 1775; RODIN. Repositorio de Objetos de Docencia e Investigación de la Universidad de Cádiz |
ISSN: | 2076-3417 |
DOI: | 10.3390/app10051775 |
Description: | Presently, we are living in a hyper-connected world where millions of heterogeneous devices are continuously sharing information in different application contexts for wellness, improving communications, digital businesses, etc. However, the bigger the number of devices and connections are, the higher the risk of security threats in this scenario. To counteract malicious behaviours and preserve essential security services, Network Intrusion Detection Systems (NIDSs) are the most widely used defence line in communications networks. Nevertheless, there is no standard methodology to evaluate and fairly compare NIDSs. Most of the proposals elude mentioning crucial steps regarding NIDSs validation that make their comparison hard or even impossible. This work firstly includes a comprehensive study of recent NIDSs based on machine learning approaches, concluding that almost all of them do not comply with what the authors of this paper consider mandatory steps for a reliable comparison and evaluation of NIDSs. Secondly, a structured methodology is proposed and assessed on the UGR’16 dataset to test its suitability for addressing network attack detection problems. The guideline and steps recommended will definitively help the research community to fairly assess NIDSs, although the definitive framework is not a trivial task and, therefore, some extra effort should still be made to improve its understandability and usability further. The authors would like to acknowledge the Spanish Ministerio de Ciencia, Innovación y Universidades and ERDF for the support provided under contracts RTI2018-100754-B-I00 (iSUN) and RTI2018-098160-B-I00 (DEEPAPFORE). |
Database: | OpenAIRE |