Machine Learning based Intrusion Detection System for Web-Based Attacks

Authors: Nitika jain, Dr Jitendra Singh Chouhan

Certificate: View Certificate

Abstract

The number of people who use and rely on computers and computer networks grows at the same rate as the need to keep a computer network safe. Industries have to deal with a lot of new threats every day. Artificial intelligence can be used in a lot of different ways to make an intrusion detection system. This study will look at how an Intrusion Detection System (IDS) neural network works. There is a term for this method called \"Self-Organizing Maps\" (SOM). A lot of people are surprised by how neural networks can help people figure out how to categorise things. In order to use the neural technique, which claims that each person is unique and leaves a unique computer system footprint, a neural network component will be added to the system. This could mean that there is a security breach in progress if a user leaves behind a trail that isn\'t what the system administrator or security officer would expect from normal system use. Self-Organizing Maps can be used to make an Intrusion Detection System at the end of this article. We\'ll also talk about the pros and cons of doing so

Introduction

Security vulnerability may be found in as little as a day or two, depending on how fast you are. A hacker is familiar with current security measures and is always seeking for methods to exploit them. Additionally, cyber criminals are well-versed in a variety of technologies that enable them to circumvent standard security measures and steal personal information. Root Kits, zero-day vulnerabilities, and Browser Exploit Packs (BEP) may all be obtained for free on the black market. Zero-day vulnerabilities are also known as zero-day threats. Personal data and hacked domains may be purchased by attackers for use in future assaults [1]. It's unavoidable to have a security breach. Your greatest line of defense against an assault is early identification and mitigation. If your personal information is compromised, the ramifications might be severe. Leaking private information might cause major problems for governments, organizations, and people. Hackers may get access to your computer whether or not you are connected to the internet, Bluetooth, text messaging, or other online services. Allowing even minor issues to go unnoticed may result in a big data breach. People, for the most part, don't pay enough attention to current security dangers because they don't understand how they function. Private, sensitive, or confidential information is made accessible to a third party without authorization in the case of a data breach. Without sufficient authorization, data breach files may be read and/or disseminated.

Conclusion

The Self-Organizing Map, a strong mechanism, makes it possible to automatically figure out what kind of system activity is allowed. Self Organizing Maps can be used to make an intrusion detection system, as we showed in the study that came before this one, In this lesson, we\'ve talked about the SOMe\'s architecture and flow diagram as well as its benefits and drawbacks. A basic map that has been trained on normal data can tell the difference between the two types of buffer overflow invasions that we tried it on, according to our real tests. No one needs to tell the self organizing map what invasive behaviour looks like, making this a very strong way to do things, It learns how to describe normal behaviour so that it can recognize when there is something wrong with the network. Our work has shown a relatively good result in detecting attacks however it is necessary to improve our model further to detect more known and unknown attacks. In addition, a further work that could be an extension of our work to fulfill the need as follows: Using different hyper parameter optimization technique to improve and identify core difference parameters that influence the model performance. Study on additional features and dataset included and selecting relatively high performance models. Hybrid IDS have shown high performance in other studies. So integrating with other signature-based IDS to form a hybrid IDS and measure the performance to what extent is usable the model. Implement with front end applications and using a model for analysis as a back end engine on live network traffic and measure the effectiveness of the whole system.