Nowadays, using smart metering devices for energy users to manage a wide variety of subscribers,
with reading devices for measuring, billing, and managing the disconnection and connection of
subscribers, is an important issue. The performance of these intelligent systems is based on information
transfer in the context of information technology, so data reported from the network should be managed to
avoid malicious activities, including those that could affect the quality of service of the system. In
this paper, to control the reported data and to ensure the veracity of the obtained information, an
intrusion detection system based on the support vector machine (SVM) and principal component
analysis (PCA) is proposed to recognize and identify intrusions and attacks in the smart grid. Here, the
operation of the intrusion detection system is studied for different SVM kernels when SVM and PCA are
used simultaneously. To evaluate the algorithm, numerical simulation based on the KDD99 data is done
on five different kernels for an intrusion detection system using the support vector machine with PCA
simultaneously. A comparative analysis of the presented intrusion detection algorithm is also carried out in
terms of response time, rate of increase in network efficiency, increase in system error, and the differences
between using and not using PCA. The results indicate that the correct detection rate and the rate of attack
error detection have their best values when PCA is used, and that when the kernel of the algorithm is of radial
type, the SVM algorithm reduces the time for data analysis and enhances the performance of intrusion detection.
SAMPLING BASED APPROACHES TO HANDLE IMBALANCES IN NETWORK TRAFFIC DATASET FOR...
Network traffic data is huge, varying and imbalanced because the various classes are not equally distributed. Machine learning (ML) algorithms for traffic analysis use samples from this data to recommend the actions to be taken by network administrators, as well as for training. Due to imbalances in the dataset, it is difficult to train machine learning algorithms for traffic analysis, and these may give biased or false results, leading to serious degradation in the performance of these algorithms. Various techniques can be applied during sampling to minimize the effect of imbalanced instances. In this paper, various sampling techniques have been analysed in order to compare the decrease in variation in imbalances of network traffic datasets sampled for these algorithms. Various parameters, like missing classes in samples, probability of sampling of the different instances, have been considered for comparison.
PREDICTIVE MAINTENANCE AND ENGINEERED PROCESSES IN MECHATRONIC INDUSTRY: AN I...
This document summarizes a case study on implementing predictive maintenance processes in a mechatronic industry using machine learning algorithms. A company installed sensors on a cutting machine to monitor blade status in real-time. A software platform was developed to analyze sensor data using k-Means clustering and LSTM algorithms to predict blade break conditions. The platform classified risk maps and predicted alert levels based on recent variable values. This approach aimed to optimize maintenance and reduce machine downtime for customers.
A Review of anomaly detection techniques in advanced metering infrastructure
Advanced Metering Infrastructure (AMI) is a component of electrical networks that combines the energy and telecommunication infrastructure to collect, measure and analyze consumer energy consumption. One of the main elements of AMI is the smart meter, which is used to manage electricity generation and distribution to the end user. The rapid implementation of AMI raises the need to deliver better maintenance performance and more efficient monitoring while keeping consumers informed of their consumption habits. The convergence from analog to digital means that AMI tends to inherit the current vulnerabilities of digital devices that are prone to cyber-attack, where attackers can manipulate consumer energy consumption for their benefit. The huge amount of data generated in AMI allows attackers to manipulate consumer energy consumption to their benefit once they manage to hack into the AMI environment. Anomaly detection is a technique that can be used to identify any rare event, such as data manipulation, that happens in AMI based on the data collected from the smart meter. The purpose of this study is to review existing studies on anomaly detection techniques used to detect data manipulation in AMI and smart grid systems. Furthermore, several measurement methods and approaches used by existing studies will be addressed.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Optimization of network traffic anomaly detection using machine learning
In this paper, to optimize the process of detecting cyber-attacks, we propose 2 main optimization solutions: optimizing the detection method and optimizing features. Both optimization solutions aim to increase accuracy and reduce the time for analysis and detection. Accordingly, for the detection method, we recommend using the Random Forest supervised classification algorithm. The experimental results in section 4.1 have proven that our proposal to use the Random Forest algorithm for abnormal behavior detection is completely correct because the results of this algorithm are much better than some other detection algorithms on all measures. For the feature optimization solution, we propose to use some data dimensionality reduction techniques such as information gain, principal component analysis, and the correlation coefficient method. The results of the research proposed in our paper have proven that to optimize the cyberattack detection process, it is not necessary to use advanced algorithms with complex and cumbersome computational requirements; instead, the selection of a reasonable feature extraction and optimization algorithm, as well as of the appropriate attack classification and detection algorithms, must depend on the monitoring data.
Improving face recognition by artificial neural network using principal compo... - TELKOMNIKA JOURNAL
This document presents a method for improving face recognition using artificial neural networks and principal component analysis. It discusses:
1) Extracting features from face images using PCA to reduce dimensionality before training neural networks.
2) Training two neural network models - a feedforward backpropagation network and an Elman network - on feature sets of 40 and 50 dimensions.
3) The feedforward backpropagation network achieved 98.33-98.8% accuracy while the Elman network achieved 98.33-95.14% accuracy, showing the proposed method effectively recognizes faces.
Remote administration of bms through android application - eSAT Journals
This document summarizes a research paper on remotely administering a Building Management System (BMS) through an Android application. It discusses how sensor data from a building is sent over GPRS to a server where it is stored in a database. An Android app allows remote control and monitoring of building parameters by communicating with the server over TCP/IP. The system uses a microcontroller-based Building Management Device to collect data from sensors and send it to the server via a GPRS modem. This allows centralized monitoring and control of building functions like lighting, temperature and security from any location.
A web application detecting dos attack using mca and tam - eSAT Journals
Abstract
Interconnected systems, such as all kinds of servers including web servers, are always under threat from network attackers. There are many popular attacks, like man-in-the-middle attacks, cross-site scripting, spamming, etc., but the denial-of-service attack is considered to be one of the most dangerous attacks on networked applications. The attack causes many serious issues on these computing systems. A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to the intended users. The performance of the server is reduced by the DoS attack, so, to increase the efficiency of the server, detection of the attack is necessary. Hence Multivariate Correlation Analysis is used; this approach employs triangle area for extracting the correlation information between network traffic. Our implemented system is evaluated using the KDD Cup 99 data set, and the effects of both non-normalized data and normalized data on the performance of the proposed detection system are examined. The implemented system has the capability of learning new patterns of legitimate network traffic, hence it detects both known and unknown types of DoS attacks, and we can say that it works on the principle of anomaly-based attack detection. A triangle-area-based technique is used to speed up the process. The stored legitimate profiles have to be kept secure, so a detection mechanism for SQL injection is also implemented in the system. The system designed to carry out attack detection is a question-answer portal, i.e. a web application, and hence the system uses the HTTP protocol, unlike previous systems which used TCP. Keywords: Denial-of-Service attack, Features Normalization, Triangle Area Map (TAM), Multivariate Correlation Analysis (MCA), anomaly based detection, SQL injection, HTTP, and TCP
Safeguard the Automatic Generation Control using Game Theory Technique - IRJET Journal
This document discusses using game theory techniques to safeguard the automatic generation control (AGC) in smart grids from false data injection attacks. It first provides background on AGC and how false data can affect its performance and potentially cause blackouts. It then discusses using a game theory model to represent the interactions between attackers injecting false data and defenders protecting the system. The risks of different attack events are calculated and fed into the game model. Dynamic programming is used to determine optimal defense strategies based on resource constraints. Simulation results show the approach can minimize risks to the AGC under different attack scenarios.
23 9754 assessment paper id 0023 (ed l)2 - IAESIJEECS
This paper presents a risk assessment method for assessing the cyber security of power systems in view of the role of protection systems. This paper examines the collision of transmission and bus line protection systems positioned in substations on the cyber-physical performance of the power systems. The projected method simulates the physical feedback of power systems to hateful attacks on protection system settings and parameters. The relationship between protection device settings, protection logic, and circuit breaker logic is analyzed. The expected load reduction (ELC) indicator is used in this paper to determine potential losses in the system due to cyber attacks. The Monte Carlo simulation is used to calculate ELC’s account to assess the capabilities of the attackers and bus arrangements are changed. The influence of the projected risk assessment method is illustrated by the use of the 9-bus system and the IEEE-68 bus system.
Improving the performance of Intrusion detection systems - yasmen essam
Intrusion detection systems (IDS) are widely studied by researchers nowadays due to the dramatic growth in network-based technologies. Policy violations and unauthorized access are in turn increasing, which makes intrusion detection systems of great importance. Existing approaches to improve intrusion detection systems focus on feature selection or reduction, since some features are irrelevant or redundant and removing them improves the accuracy as well as the learning time.
International Journal of Computational Engineering Research (IJCER) - ijceronline
International Journal of Computational Engineering Research (IJCER) is an international online journal in English, published monthly. This journal publishes original research work that contributes significantly to furthering scientific knowledge in engineering and technology.
An improvement in history based weighted voting algorithm for safety critical... - prjpublications
The document discusses a novel history-based weighted voting algorithm for safety-critical systems. It first reviews existing majority and weighted average voting algorithms and their limitations. It then proposes a new algorithm that assigns weights dynamically based on fuzzy logic assessments of module agreement and each module's historical reliability. The algorithm is evaluated experimentally against triple modular redundancy and shown to provide near 100% safety with two error-free modules or better results than existing algorithms with one or multiple errors. It concludes the new approach offers a better compromise between safety and availability for safety-critical applications.
Classification of Churn and non-Churn Customers in Telecommunication Companies - CSCJournals
Telecommunication is very important as it serves various activities and services of electronic systems to transmit messages via physical cables, telephones, or cell phones. The two main factors that affect the growth of telecommunications are the rapid growth of modern technology and market demand and its competition. These two factors, in return, create new technologies and products, which open a series of options and offers to customers in order to satisfy their needs and requirements. However, one crucial problem that commercial companies in general, and telecommunication companies in particular, suffer from is the loss of valuable customers to competitors; this is called customer churn prediction. In this paper, the dynamic training technique is introduced. Dynamic training is used to improve the prediction performance. This technique is based on two ANN network configurations to minimise the total error of the network in predicting two different classes, namely churn and non-customers.
1) The document describes the analysis and design of an electronic device to aid navigation for the visually impaired using embedded systems.
2) The device uses sensors like GPS, light sensors, and ultrasonic sensors along with actuators like vibration motors and audio to provide information on location, obstacles, and lighting levels to users.
3) The development of the device involved requirements analysis using structured analysis techniques like data flow diagrams and state transition diagrams, as well as object-oriented design using UML diagrams. Software development is done in C/C++.
This academic article discusses the efficiency of distributed systems. It presents a model for measuring efficiency that takes into account the number of processes, nodes, and messages. The key points are:
1. The efficiency of a distributed system depends on the number of processes, nodes, and messages as well as the time taken for internal processing, sending/receiving messages, processing at nodes, and completing the task.
2. As the number of processes, nodes, and messages increases, the overall time increases and efficiency decreases.
3. An example calculation shows that efficiency is reduced from 70% to lower levels as the number of messages increases.
IRJET - Automated Water Meter: Prediction of Bill for Water Conservation - IRJET Journal
The document summarizes an approach for automated water meters that can help conserve water resources. It discusses how traditional manual water metering systems are labor intensive and prone to errors. Automated water meters using technologies like IoT and machine learning can help manage water resources more efficiently while reducing human intervention. The document then reviews different techniques proposed in previous research for implementing automated water metering systems, including using electronic interface modules, open source systems, convolutional neural networks for digit recognition, and systems that integrate meter reading, leakage detection, data processing and billing units.
Performance analysis of binary and multiclass models using azure machine lear... - IJECEIAES
Network data is expanding and that too at an alarming rate. Besides, the sophisticated attack tools used by hackers lead to capricious cyber threat landscape. Traditional models proposed in the field of network intrusion detection using machine learning algorithms emphasize more on improving attack detection rate and reducing false alarms but time efficiency is often overlooked. Therefore, in order to address this limitation, a modern solution has been presented using Machine Learning-as-a-Service platform. The proposed work analyses the performance of eight two-class and three multiclass algorithms using UNSW NB-15, a modern intrusion detection dataset. 82,332 testing samples were considered to evaluate the performance of algorithms. The proposed two class decision forest model exhibited 99.2% accuracy and took 6 seconds to learn 1,75,341 network instances. Multiclass classification task was also undertaken wherein attack types like generic, exploits, shellcode and worms were classified with a recall percentage of 99%, 94.49%, 91.79% and 90.9% respectively by the multiclass decision forest model that also leapfrogged others in terms of training and execution time.
A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM... - IJNSA Journal
Building practical and efficient intrusion detection systems in computer network is important in industrial areas today and machine learning technique provides a set of effective algorithms to detect network
intrusion. To find out appropriate algorithms for building such kinds of systems, it is necessary to evaluate various types of machine learning algorithms based on specific criteria. In this paper, we propose a novel evaluation formula which incorporates 6 indexes into our comprehensive measurement, including precision, recall, root mean square error, training time, sample complexity and practicability, in order to
find algorithms which have high detection rate, low training time, need less training samples and are easy
to use like constructing, understanding and analyzing models. Detailed evaluation process is designed to
get all necessary assessment indicators and 6 kinds of machine learning algorithms are evaluated.
Experimental results illustrate that Logistic Regression shows the best overall performance.
A NOVEL EVALUATION APPROACH TO FINDING LIGHTWEIGHT MACHINE LEARNING ALGORITHM... - IJNSA Journal
This document proposes a novel evaluation approach to find lightweight machine learning algorithms for intrusion detection. It incorporates 6 evaluation indexes: precision, recall, root mean square error, training time, sample complexity, and practicability. The evaluation formula calculates a score for each algorithm based on F1 score and penalty values. The document defines penalty values for the practicability of 6 machine learning algorithms (decision tree, naive bayes, multilayer perceptron, radial basis function network, logistic regression, support vector machine). Experimental results on intrusion detection datasets will evaluate the algorithms based on the proposed approach.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Online stream mining approach for clustering network traffic - eSAT Journals
Abstract: A large number of research works have been proposed on intrusion detection systems, leading to the implementation of agent-based intelligent IDS (IIDS), non-intelligent IDS (NIDS), signature-based IDS, etc. While building such IDS models, learning algorithms from the flow of network traffic play a crucial role in the accuracy of IDS systems. The proposed work focuses on implementing a novel method to cluster network traffic which eliminates the limitations of existing online clustering algorithms and proves its robustness and accuracy over large streams of network traffic arriving at an extremely high rate. We compare the existing algorithm with novel methods to analyse the accuracy and complexity. Keywords: NIDS, Data Stream Mining, Online Clustering, RAH algorithm, Online Efficient Incremental Clustering algorithm
DDOS ATTACKS DETECTION USING DYNAMIC ENTROPY IN SOFTWARE-DEFINED NETWORK PRACT... - IJCNCJournal
This document discusses a study that proposes a dynamic entropy-based method for detecting DDoS attacks in SDN environments. The study introduces using dynamic threshold values that change over time based on the entropy value variability of network traffic windows, to help predict system state and detect new attacks more accurately compared to static thresholds. The study also evaluates the proposed method in a practical SDN testbed environment, not just in simulations, and finds it can rapidly detect DDoS attacks with high accuracy.
DDoS Attacks Detection using Dynamic Entropy in Software-Defined Network Prac... - IJCNCJournal
Software-Defined Network (SDN) is an innovative network architecture with the goal of providing the flexibility and simplicity in network operation and management through a centralized controller. These features help SDN to easily adapt to the expansion of network requirements, but it is also a weakness when it comes to security. With centralized architecture, SDN is vulnerable to cyber-attacks, especially Distributed Denial of Service (DDoS) attack. DDoS is a popular attack type which consumes all network resources and causes congestion in the entire network. In this research, we will introduce a DDoS detection model based on the statistical method with a dynamic threshold value that changes over time. Along with the simulation result, we build a practical SDN model to apply our method, the results show that our method can detect DDoS attacks rapidly with high accuracy.
Secure and reliable wireless advertising system using intellectual characteri... - TELKOMNIKA JOURNAL
Smart cities wireless advertising (smart mobile-AD) is one of the well-known areas of research, where smart devices use the mobile ad hoc network (MANET) platform for advertisement and marketing purposes. Wireless advertising through multiple fusion internet of things (IoT) sensors is one of the important fields, where the sensors combine information from multiple sensors and accomplish the control of self-governing intelligent machines for a smart cities advertising framework. Despite its many advantages, this field has suffered from data security problems. In order to tackle security threats, an intrusion detection system (IDS) is adopted. However, existing IDS systems are not able to fulfill the security requirements. This paper proposes an intellectual characteristic selection algorithm (ICSA) integrated with normalized intelligent genetic algorithm-based min-max feature selection (NIGA-MFS). The proposed solution is designed for a wireless advertising system for business/advertising data security and other transactions using an independent reconfigurable architecture. This approach supports the wireless advertising portals in managing data delivery by using the 4G standard. The proposed reconfigurable architecture is validated by using applications specific to microcontrollers with multiple fusion IoT sensors.
Intrusion Detection System Using Machine Learning: An Overview - IRJET Journal
This document provides an overview of machine learning approaches for intrusion detection systems (IDS). It discusses how IDS use data mining techniques like classification, clustering, and association rule mining to detect network intrusions based on patterns in data. The document reviews several papers applying methods like ant colony optimization, support vector machines, genetic algorithms, and convolutional neural networks to classify network activities as normal or intrusive. It compares the strengths and limitations of different machine learning algorithms for IDS and identifies areas for potential improvement in future research.
IRJET- Intrusion Detection using IP Binding in Real Network - IRJET Journal
This document summarizes a research paper that proposes using genetic algorithms and support vector machines to improve network intrusion detection. It discusses how genetic algorithms can be used to select optimal features for support vector machine classifiers, in order to speed up training time and improve classification accuracy. The genetic algorithm optimizes the crossover and mutation probabilities during evolution to find the best feature subset for identifying network intrusions using support vector machines. Evaluation of this approach suggests it could enhance the effectiveness of intrusion detection systems.
IRJET- Machine Learning based Network Security - IRJET Journal
The document discusses using machine learning algorithms to classify network traffic as malicious or non-malicious. It describes capturing packets from a dummy website under distributed denial of service (DDoS) attack to create a dataset. Two machine learning algorithms, naive Bayes and support vector machines (SVM), are used to classify the network traffic. Both algorithms achieved over 98% accuracy in detecting spam traffic. The paper proposes creating a real-time network traffic classification system using machine learning algorithms to improve network security.
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ... - IJNSA Journal
Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal
activities happening in a computer system. In recent years different soft computing based techniques have
been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect
technology. This has provided an opportunity for data mining to make quite a lot of important
contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique
by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neurofuzzy and radial basis function(RBF) SVM for fortification of the intrusion detection system. The
proposed technique has five major steps in which, first step is to perform the relevance analysis, and then
input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each
of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster.
Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF-
SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset
and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our
technique could achieve better accuracy for all types of intrusions. The results of proposed technique are
compared with the other existing techniques. These comparisons proved the effectiveness of our
technique.
Implementation of Secured Network Based Intrusion Detection System Using SVM ...IRJET Journal
This document discusses the implementation of a secured network-based intrusion detection system using the support vector machine (SVM) algorithm. It begins with an abstract that outlines hardening different intrusion detection implementations and proposals. The paper then discusses using naive Bayes, a classification method for intrusion detection, to analyze transmitted data for malicious content and block transmissions from corrupted hosts. It also discusses using flow correlation information to improve classification accuracy while minimizing effects on network performance.
Network Intrusion Detection System using Machine LearningIRJET Journal
This document discusses using machine learning algorithms to develop a network intrusion detection system (IDS). It analyzes different machine learning algorithms like support vector machines (SVM) and naive bayes and evaluates their performance on detecting intrusions using the NSL-KDD dataset. The paper reviews related work applying machine learning to IDS and discusses algorithms like SVM and naive bayes in more detail. It proposes developing a hybrid multi-level model to improve accuracy and handling large volumes of data. The system architecture and conclusions are also summarized.
Intrusion Detection System Using Face RecognitionIRJET Journal
This document describes an intrusion detection system that uses facial recognition technology. The system works by capturing images of individuals attempting to access a secure area and comparing the images to a database of authorized individuals. If an unauthorized match is found, security personnel are alerted. The system uses a Raspberry Pi, camera, motion sensor, and Python scripts for facial detection and recognition. It analyzes machine learning algorithms like CNNs, SVMs, and FisherFaces for the recognition process. The proposed system is designed to provide reliable detection of unauthorized access and has applications in places like airports, banks and government institutions to enhance security. A literature review discusses similar security systems using technologies like motion detection and analyzes research on improving intrusion detection using machine
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Handwritten Text Recognition Using Machine LearningIRJET Journal
This document discusses a system for handwritten text recognition using machine learning. It proposes using both convolutional neural networks (CNNs) and recurrent neural networks (RNNs) to recognize handwritten text. CNNs are used for feature extraction from images while RNNs model the sequential nature of handwriting. The system collects data, preprocesses it, trains a model using CNNs and RNNs, and then uses the model to generate recognized text output with high accuracy. Potential applications of this handwritten text recognition system include document digitization, banking, education, and more.
JPJ1439 On False Data-Injection Attacks against Power System State Estimation...chennaijp
We are good IEEE java projects development center in Chennai and Pondicherry. We guided advanced java technologies projects of cloud computing, data mining, Secure Computing, Networking, Parallel & Distributed Systems, Mobile Computing and Service Computing (Web Service).
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/java-projects/
Potato Leaf Disease Detection Using Machine LearningIRJET Journal
This document discusses a study on detecting potato leaf diseases using machine learning techniques. The researchers collected a dataset of potato leaf images from Kaggle containing healthy leaves and leaves affected by early and late blight diseases. They performed preprocessing including data augmentation to increase the dataset size. A convolutional neural network model was trained on the images to extract features and classify leaves as healthy or diseased, achieving an accuracy of 97.71%. The CNN model outperformed traditional machine learning classifiers. The researchers concluded machine learning is an effective approach for automated disease detection to improve agricultural production through early identification.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection SystemEswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assesses to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI- FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
Similar to An intrusion detection algorithm for ami (20)
International Journal on Cybernetics & Informatics (IJCI) Vol. 3, No. 4, August 2014
AN INTRUSION DETECTION ALGORITHM FOR AMI SYSTEMS BASED ON SVM AND PCA
Sara Pourfallah¹, Amir H. Jafari², Hadi S. Shahhoseini³, Mitra Oleyaeyan⁴
¹,⁴ Elearning Center, Iran University of Science and Technology, Tehran, Iran
²,³ Electrical Engineering Department, Iran University of Science and Technology, Tehran, Iran
ABSTRACT
Nowadays, smart metering devices are used to manage a wide variety of energy subscribers, and reading the devices for measurement and billing and managing the disconnection and connection of subscribers are important issues. The performance of these intelligent systems depends on information transfer over information technology infrastructure, so the data reported from the network must be managed to avoid malicious activities, including those that could affect the system's quality of service. In this paper, to control the reported data and to ensure the veracity of the obtained information, an intrusion detection system based on the support vector machine (SVM) and principal component analysis (PCA) is proposed to recognize and identify intrusions and attacks in the smart grid. The operation of the intrusion detection system is studied for different SVM kernels when SVM and PCA are used simultaneously. To evaluate the algorithm, numerical simulation on the KDD99 data is carried out for five different kernels of an intrusion detection system that uses the support vector machine and PCA simultaneously. A comparative analysis of the presented intrusion detection algorithm is also carried out in terms of response time, rate of increase in network efficiency, increase in system error, and the differences between using and not using PCA. The results indicate that the correct detection rate and the attack detection error rate have their best values when PCA is used and the kernel of the algorithm is of radial type, which in the SVM algorithm reduces the time for data analysis and enhances the performance of intrusion detection.
KEYWORDS
Intelligent System AMI, intrusion detection systems, support vector machines, PCA
1. INTRODUCTION
Today, in the management of energy networks, including control activities, customer invoicing and management at peak hours, the use of a smart-grid power distribution network is of utmost importance. For this purpose, Advanced Metering Infrastructure (AMI) and integrated systems comprising hardware, software, network and a purpose-designed communication platform help to manage the network better by taking into account information such as consumption, demand, voltage and current. This system creates a two-way communication platform capable of reading, tuning, monitoring and remotely controlling the meters, of collecting, managing, processing and analysing the collected data, and of producing the required graphs and reports, performing all of these processes automatically [1-2].
This project has been carried out in France and Italy. According to the research and engineering consulting institute Zpryme, the number of smart meters installed in the United States of America grew from 2.47 million in 2007 to 37.29 million in 2011, a large part of them installed by leading corporations such as Pacific Gas and Electric (PGE), Florida Power and Light (FPL) and Southern California Edison Company. With smart meter installation growing at 97% annually, this number is predicted to reach 61.77 million meters at the end of 2013 [3].
DOI: 10.5121/ijci.2014.3401
Figure 1: Structure of IDS in the AMI
As can be seen in Figure 1, smart networks use telecommunications equipment and an information technology context, so efficient monitoring and control in this area, to complete the protective measures and maintain a secure infrastructure, is a critical need. Security must be considered throughout the measurement process of the smart system, from the meter and DC to the CAS, which consists of many hardware and software systems, and all parties, such as manufacturers, suppliers and regulators, will have to work together in the future to increase awareness and ensure the security of measurement systems. The following elements can be considered for AMI [4-6]:
- Sensor: hardware or software components or systems for the analysis of network activity. In the case of AMI, sensors should be located at the head-end termination. The sensor at the head-end termination processes large volumes of traffic; sensors in the meters shall have minimum computing requirements.
- Server management: the data generated by the sensors needs to be sent to one or several servers for management.
- Database server: a store for the event information recorded by the sensors and the management server. A combination of management server and database server is often called Security Information and Event Management (SIEM).
- Console: the interface that security managers can use to 1) configure intrusion detection systems, 2) monitor the security situation in the AMI, 3) visualize and explore alerts, and 4) perform forensic activities.
One thing that can contribute to the security of these systems is the use of intrusion detection systems in AMI to control the traffic, so that these networks are protected from potential attacks that can be imposed on the system through mesh networks as well as IP-based backhaul networks. Such a system can be used to identify and deal with these types of attacks that may happen in an AMI network. In works [7-9], the support vector machine and PCA are proposed, but to our knowledge the effect of different SVM kernels on the performance of an intrusion detection algorithm that uses SVM and PCA simultaneously has not been studied. So, in this paper, five SVM kernels in an intrusion detection algorithm that can be used in an intelligent network structure such as AMI, taking advantage of PCA, are explored and assessed using the standard KDD99 attack data.
The next section introduces the IDS and considers its use in the identification of attacks. The third part presents the pre-processing methods and then how the support vector machine is used. In the fourth section the proposed algorithm is evaluated on standard attack data, and the conclusions are presented in Section Five.
2. INTRUSION DETECTION SYSTEMS
An Intrusion Detection System (IDS) is responsible for identifying and detecting any unauthorized use of the system, and any abuse or damage by both internal and external users [10]. Intrusion detection systems have been built as both software and hardware systems, and each has its own advantages and disadvantages. Speed and accuracy are the benefits of hardware systems, and the absence of security breaches by hackers is another capability of such systems. However, because of the ease of use of software, its ability to adapt to requirements and its portability between different operating systems, software systems are more common and are generally the better choice [11]. Generally, the three main functions of an IDS are: 1) monitoring and evaluation, 2) detection, and 3) reaction. Each IDS can thus be classified by its intrusion detection technique, its architecture and its response to intrusion, and several methods have been designed as intrusion detection techniques to monitor the events occurring in a computer system or network.
3. PRE-PROCESSING
A linear transformation is applied to make the data comparable and unitless. Also, since the number of features in the attack data is large and processing takes a long time, PCA is used to reduce the dimension. Principal component analysis (PCA) is a dimension reduction method based on the work of Pearson. Its main goal is feature extraction, that is, representing the data in a lower-dimensional space, with relatively less attention to feature selection. Geometrically, PCA can be said to produce new orthogonal axes from the original coordinate axes, sorted by the variance of the original data along them. The steps of PCA are shown in Fig. 2. Because of the space limitations of the paper, the algorithm is not described here and the reader is referred to [12].
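The two pre-processing steps described above, as an added example that is not the paper's code: min-max scaling stands in for the unspecified linear transformation, and PCA is computed with a Jacobi eigen-solver on the covariance matrix. The records, the 0.95 variance threshold and all function names are constructed for illustration.

```python
import math

# Constructed records (not KDD99 data): two underlying behaviours drive six
# features named after KDD99 columns, in deliberately different units.
FEATURES = ["count", "srv_count", "serror_rate", "srv_serror_rate", "src_bytes", "dst_bytes"]

def constructed_records(n=40):
    rows = []
    for i in range(n):
        a = i / (n - 1)              # connection-flood intensity
        b = ((7 * i) % n) / (n - 1)  # payload volume
        rows.append([500 * a, 480 * a + 5, a, 0.9 * a + 0.05, 1000 * b, 2000 * b + 100])
    return rows

def min_max_scale(rows):
    """Linear transformation of every feature to the unitless range [0, 1]."""
    cols = list(zip(*rows))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return [[(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(r, lo, hi)] for r in rows]

def covariance(rows):
    n, d = len(rows), len(rows[0])
    mean = [sum(r[j] for r in rows) / n for j in range(d)]
    centred = [[r[j] - mean[j] for j in range(d)] for r in rows]
    cov = [[sum(c[a] * c[b] for c in centred) / (n - 1) for b in range(d)] for a in range(d)]
    return centred, cov

def rotate_columns(m, p, q, c, s):
    for row in m:
        rp, rq = row[p], row[q]
        row[p], row[q] = c * rp - s * rq, s * rp + c * rq

def jacobi_eigen(matrix, sweeps=50):
    """(eigenvalue, eigenvector) pairs of a symmetric matrix, largest eigenvalue first."""
    n = len(matrix)
    a = [row[:] for row in matrix]
    v = [[float(i == j) for j in range(n)] for i in range(n)]
    for _ in range(sweeps):
        if sum(a[p][q] ** 2 for p in range(n) for q in range(p + 1, n)) < 1e-24:
            break
        for p in range(n):
            for q in range(p + 1, n):
                if a[p][q] == 0.0:
                    continue
                d = a[q][q] - a[p][p]
                theta = math.pi / 4 if d == 0.0 else 0.5 * math.atan(2.0 * a[p][q] / d)
                c, s = math.cos(theta), math.sin(theta)
                rotate_columns(a, p, q, c, s)   # A <- A J
                for k in range(n):              # A <- J^T A, which zeroes a[p][q]
                    ap, aq = a[p][k], a[q][k]
                    a[p][k], a[q][k] = c * ap - s * aq, s * ap + c * aq
                rotate_columns(v, p, q, c, s)   # accumulate eigenvectors: V <- V J
    pairs = [(a[i][i], [v[k][i] for k in range(n)]) for i in range(n)]
    return sorted(pairs, key=lambda pair: pair[0], reverse=True)

def pca(rows, keep_variance=0.95):
    """Project rows onto the fewest principal axes that keep `keep_variance`."""
    centred, cov = covariance(rows)
    pairs = jacobi_eigen(cov)
    total = sum(value for value, _ in pairs)
    k, running = 0, 0.0
    while k < len(pairs) and running / total < keep_variance:
        running += pairs[k][0]
        k += 1
    axes = [vector for _, vector in pairs[:k]]
    projected = [[sum(x * w for x, w in zip(c, axis)) for axis in axes] for c in centred]
    return projected, [value / total for value, _ in pairs], k

if __name__ == "__main__":
    projected, ratios, k = pca(min_max_scale(constructed_records()))
    print("features kept:", k, "of", len(FEATURES))
    print("explained variance ratios:", [round(r, 4) for r in ratios])
```

Scaling before PCA matters here because the byte counters would otherwise dominate the covariance matrix purely through their units.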
4. SUPPORT VECTOR MACHINES ALGORITHM
During design, the model is built with the training data and the test set is then applied to it; the model's error on the training and test inputs is calculated and used to adjust the model or the training methodology. Once a model with appropriate accuracy on the training and test inputs has been reached, and if the model's output is a proper estimate of the data, the model is ready for practical use. Otherwise the design process should be corrected [13-14].
The SVM classifies data on the basis of linear separation. When dividing the data linearly, it tries to select the line with the most reliable margin. In general, the equation for the optimal line for the data is solved by QP methods, which are well-known methods for solving constrained problems [15-16].
Figure 2. PCA algorithm for pre-processing
For a detailed study of the SVM algorithm, suppose that the classes are completely separable, so that an optimal separating hyperplane, a linear boundary with maximum margin, exists. The training data consist of n pairs $(x_1, y_1), (x_2, y_2), \dots, (x_n, y_n)$ with $x_i \in \mathbb{R}^m$ and $y_i \in \{-1, 1\}$. We want to define a separating hyperplane between the two classes 1 and -1 such that the margin between the two parallel planes on either side of the separating hyperplane is as large as possible. The optimal separating hyperplane separates the two classes so that the distance d to the nearest points of each class is maximal. Not only does this give a unique solution for the separating hyperplane, but maximizing the margin between the two classes also yields better performance in separating test data. Put simply, the separator is designed to generalize better. We then consider the optimization problem [17-18]:
$$\max_{w,\, w_0,\, \|w\| = 1} C \qquad (1)$$
subject to the constraints $y_i (x_i^T w + w_0) \ge C$, $i = 1, \dots, n$. These constraints ensure that all points are at least a distance C from the decision boundary determined by $w$ and $w_0$. In this setting, we look for the largest C and the associated parameters that satisfy these conditions.
In practice, it is not possible to implement the SVM so that the line completely separates the data into distinct categories; some data always overlap the boundary separating the categories. This overlap is represented by the slack variables $\xi = (\xi_1, \xi_2, \dots, \xi_n)$. A classification error occurs when $\xi_i > 1$, so by limiting $\sum_{i=1}^{n} \xi_i$ to a value K we obtain the optimization problem [16]. To meet all of these requirements and also satisfy the KKT conditions, the problem is written as equation (2):
$$\min_{w,\, w_0} \frac{1}{2}\|w\|^2 \qquad (2)$$
subject to, for each i, $y_i (x_i^T w + w_0) \ge 1 - \xi_i$, with the conditions $\xi_i \ge 0$ and $\sum_{i=1}^{n} \xi_i \le K$.
From this equation it follows that points lying well inside their own class do not play a very important role in shaping the boundary, and this is a feature of the method [20-21].
The following equation is used to map the input space:
$$f(x) = \sum_{i=1}^{n} \alpha_i y_i \langle \varphi(x), \varphi(x_i) \rangle + w_0 \qquad (3)$$
Moreover, the kernel function (the inner product in the transformed space) must be known. With the kernel formula $k(x, x') = \sum_{j=1}^{m} \varphi_j(x)\, \varphi_j(x')$, formula (3) is rewritten as follows:
$$f(x) = \sum_{i=1}^{n} \hat{\alpha}_i y_i\, k(x, x_i) + \hat{w}_0 \qquad (4)$$
The four kernel functions commonly used in SVM are the linear function, the polynomial function of degree d, the radial basis function (RBF) and the MLP (perceptron) function [22-23]. The steps of the algorithm are shown in Fig. 2. This flowchart depicts symbolically the process performed in the simulation of the algorithm based on support vector machines and principal component analysis.
[Flowchart; box labels as extracted: Start; Normalization; PCA; Normal data; Feature i in Threshold level (Y/N); Total data; Updates the class attribute; Randomly selected for training and testing data; Save in file *.mat; Input data format *.xlsx; Attack type; End]
Figure 3. Flowchart of used algorithm for intrusion detection system
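Decision function (4) with three of the kernels compared in this paper, scored with the correct rate, error rate and sensitivity used in the results tables. This is an added example, not the authors' implementation: training uses dual coordinate ascent with the offset folded into the kernel rather than the QP solver the paper refers to, and the 2-D points (standing in for two principal components), C, gamma and all function names are constructed for illustration.

```python
import math

def linear(a, b):
    return sum(x * y for x, y in zip(a, b))

def polynomial(a, b, degree=3):
    return (linear(a, b) + 1.0) ** degree

def rbf(a, b, gamma=20.0):
    return math.exp(-gamma * sum((x - y) ** 2 for x, y in zip(a, b)))

# The sigmoid (MLP) kernel is left out: it is not positive semi-definite in
# general, so the coordinate-ascent trainer below does not apply to it.
KERNELS = {"linear": linear, "polynomial": polynomial, "rbf": rbf}

def train(X, y, kernel, C=10.0, epochs=300):
    """Soft-margin SVM dual solved one alpha_i at a time; returns (alpha, w0)."""
    n = len(X)
    # Adding 1 to the kernel folds the offset into the dual: w0 = sum_i alpha_i y_i.
    gram = [[kernel(X[i], X[j]) + 1.0 for j in range(n)] for i in range(n)]
    alpha, f = [0.0] * n, [0.0] * n          # f[i] = decision value at X[i]
    for _ in range(epochs):
        for i in range(n):
            new = min(C, max(0.0, alpha[i] + (1.0 - y[i] * f[i]) / gram[i][i]))
            step = (new - alpha[i]) * y[i]
            alpha[i] = new
            if step:
                for j in range(n):
                    f[j] += step * gram[i][j]
    return alpha, sum(a * t for a, t in zip(alpha, y))

def decision(x, X, y, alpha, w0, kernel):
    """Equation (4): f(x) = sum_i alpha_i y_i k(x, x_i) + w0."""
    return sum(a * t * kernel(x, xi) for a, t, xi in zip(alpha, y, X) if a) + w0

def ring(offset_deg, radius=0.4):
    """Constructed attack records (+1): twelve points around the normal cluster."""
    return [(0.5 + radius * math.cos(math.radians(offset_deg + 30 * k)),
             0.5 + radius * math.sin(math.radians(offset_deg + 30 * k))) for k in range(12)]

def grid(step, centre=True):
    """Constructed normal records (-1): a small cluster in the middle."""
    return [(0.5 + step * dx, 0.5 + step * dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1)
            if centre or (dx, dy) != (0, 0)]

TRAIN_X, TRAIN_Y = grid(0.1) + ring(0), [-1] * 9 + [1] * 12
TEST_X, TEST_Y = grid(0.05, centre=False) + ring(15), [-1] * 8 + [1] * 12

def evaluate(name):
    kernel = KERNELS[name]
    alpha, w0 = train(TRAIN_X, TRAIN_Y, kernel)
    tp = tn = fp = fn = 0
    for x, label in zip(TEST_X, TEST_Y):
        pred = 1 if decision(x, TRAIN_X, TRAIN_Y, alpha, w0, kernel) >= 0 else -1
        if label == 1:
            tp += pred == 1
            fn += pred == -1
        else:
            tn += pred == -1
            fp += pred == 1
    total = len(TEST_Y)
    return {"correct_rate": (tp + tn) / total,
            "error_rate": (fp + fn) / total,
            "sensitivity": tp / (tp + fn)}   # share of attacks that were detected

def compare_kernels():
    return {name: evaluate(name) for name in KERNELS}

if __name__ == "__main__":
    for name, metrics in compare_kernels().items():
        print(name, {key: round(value, 4) for key, value in metrics.items()})
```

Because the normal cluster sits inside the ring of attack records, no straight line separates the two classes, which is the situation the paper reports for its own data with the linear kernel.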
5. ANALYSIS OF RESULTS
In this simulation, the presented algorithm is studied on a total of 10% of the initial data with different kernels and with the dimension reduction method, and the results are examined in terms of response time, increase in network efficiency, system error rate and sensitivity. The KDD99 data set is used in this simulation; the main reason for using it is that, compared with other data sets used in simulation experiments, it is a complete data set of all currently known attacks. It has 41 attributes and contains 21 kinds of anomalies. These 21 anomalies fall into four overall categories named DOS, Prob, U2R and R2L. In the simulation, the support vector machine algorithm is used with the help of Principal Component Analysis to reduce the number of features and increase system performance: of the 41 features used in KDD99, 17 features are selected to improve response time and system performance. In this experiment, the fewer the features, the faster the response time.
The main reasons for using PCA are a 52.7% improvement in response time and an increase in the algorithm's intrusion detection performance from 99.40 to 99.84, with the error rate dropping to 26.6%.
In the simulations performed, the algorithm is trained and then tested. During training, each individual anomaly group is compared with the normal data, but ultimately all anomalies are placed in one group. Labelled data are used for training, but during testing the data are unlabelled. The ratio of the data of each class to the total number of data in the data set is given in Table 1.
Table 1. Selected data distribution in data collection
| R2L data | U2R data | Probe data | DOS data | Normal data | Total number |
|---|---|---|---|---|---|
| 452.6123 | 21.45658 | 1591.43 | 158551.6 | 39398.33 | 200015 |
The simulation results of the PCA and support vector machine algorithm are described in Table 2.
Table 2. Numerical results for diagnostic tests
| Algorithm used | Correct Rate | Error Rate |
|---|---|---|
| SVM | 99.4 | 0.6 |
| PCA + SVM | 99.84 | 0.16 |
The results of simulating the support vector machine algorithm, and the impact of PCA on it, with 41 features, 21 different types of anomalies and different kernels are described below.
This simulation has 40,000 observations, two control classes, one target class, an inconclusive rate of 0, a classified rate of 1 and a prevalence of 0.8034. The results of the RBF kernel when using PCA with different are listed in Table 3.
Table 3. Numerical results for different
|  | Correct Rate | Error Rate | Sensitivity |
|---|---|---|---|
| 0.1 | 0.9698 | 0.0302 | 0.9625 |
| 0.5 | 0.9926 | 0.0074 | 0.9909 |
| 4.5 | 0.9973 | 0.0027 | 0.9968 |
The sigmoid kernel with PCA is further tested for different and and the results are shown in Table 4. According to Table 4, a change in the range of [ ] in a manner that increases and decreases increases the error rate and the negative likelihood, and therefore a negative predictive value becomes more likely.
Table 4. Numerical results for different and
|  |  | Correct Rate | Error Rate | Sensitivity |
|---|---|---|---|---|
| 0.1 | -0.6 | 0.9605 | 0.0395 | 0.9609 |
| 1.5 | -0.6 | 0.9071 | 0.0929 | 0.9189 |
| 1.5 | -1.6 | 0.8154 | 0.1846 | 0.9976 |
| 4.5 | -0.6 | 0.8970 | 0.1030 | 0.9668 |
The result of the simulation with the polynomial kernel of power 3 can be seen in Table 5.
Table 5. Numerical results for polynomial kernel with power 3
| p | Correct Rate | Error Rate | Sensitivity |
|---|---|---|---|
| 3 | 0.9771 | 0.0029 | 0.9991 |
Because the data in the experiment are not linearly and regularly distributed, the simulation of the algorithm with PCA was not able to classify the data with a straight line. We are therefore unable to use the linear kernel function in this simulation.
To evaluate the impact of using PCA for intrusion detection, the error of the algorithm during detection with and without PCA is shown in Figures 4 and 5. It can be seen that the correct rate and error rate have their best values with the RBF kernel when principal component analysis is used for the selected features, and with the quadratic and linear kernels when principal component analysis is not used. Comparing the correct rates, the RBF kernel with features chosen by principal component analysis is better than the other kernels.
Figure 4. Numerical results for correct rate and impact of using PCA
Figure 5. Numerical results for error rates and the impact of using PCA
6. CONCLUSION
The widespread use of smart metering devices in the energy sector, which rely on information technology and on networks that transfer the readings of measurement devices in order to manage user accounts, makes them an increasingly attractive topic for attackers. Systems must be designed to protect the data traffic managed over the network from attacks and sabotage activities in the field of information technology. In this paper, the effect of different SVM kernels is assessed in the attack classification algorithm, i.e. in intrusion detection systems that use a support vector machine with PCA as pre-processing to separate normal activity from network attacks. Because the attacks have a large number of features, which takes a vast amount of computation, principal component analysis is widely used to reduce the dimension. To explore the effect of different kernels in an intrusion detection system based on the support vector machine and PCA, the standard KDD99 data are applied to the algorithm and support vector machines with different kernels are evaluated. The results show that, for all of the radial, quadratic and linear kernels, the correct detection rate and the attack detection error rate have better values when principal component analysis is used than when it is not, and that overall the radial kernel with principal component analysis has a better correct rate than all the other kernels.
REFERENCES
[1] D. Dillona, J. Wheeldona, R. Chub, G. Choib, C. Loya, “Summary of EPRI's Engineering and
Economic Studies of Post Combustion Capture Retrofit Applied at Various North American Host
Sites” , Energy Procedia, vol. 37, pp. 2349–2358, 2013.
[2] Dillon et al, “An Engineering and Economic Assessment of Post-Combustion CO2 Capture Applied
to FirstEnergy's Bay Shore Station Circulating Fluidized Bed Unit: Retrofit Study Report 5, EPRI
Report 1019398. December 2011.
[3] http://www.iransg.com/fa/knowledge/articles
[4] Dillon et al, “An Engineering and Economic Assessment of Post-Combustion CO2 Capture applied to
Nova Scotia Power's Coal-Fired Lingan Station: Retrofit Study: Report 3” EPRI Report 1019396.
December 2011.
[5] AEP Smart Grid Demonstration Host- Site Overview Product ID 1020226.
[6] American Electric Power (AEP) Smart Grid Demonstration Host-Site Project Description Product ID
1020188.
[7] V.Das, V.Pathak, S.Sharma, Sreevathsan, M. Srikanth, G.Kumar, Network Intrusion Detection
System Based on Machine Learning Algorithms, “International Journal of Computer Science
Information Technology (IJCSIT), vol. 2, no. 6,PP. 138-151, 2010.
[8] M. Hasan, M. Nasser, B. Pal, S. Ahmad, “Intrusion Detection Using Combination of various Kernels
Based Support Vector Machine,” International Journal of Scientific Engineering Research, vol. 4,
no. 9, 2013 .
[9] Heba F. Eid, Ashraf Darwish, Aboul Ella Hassanien, and Ajith Abraham, “ Principle Components
Analysis and Support Vector Machine base Intrusion Detection System”, IEEE 2010.
9. International Journal on Cybernetics Informatics (IJCI) Vol. 3, No. 4, August 2014
[10] S. Theodoridis, A. Pikrakis, K. Koutroumbas, and D. Cavouras, Introduction to Pattern Recognition
9
with MATLAB, Pashalidis Pubs [In Greek]. 2010
[11] DaveDittrich, Network monitoring/Intrusion Detection Systems (IDS), University of Washington,
Available Online At:
[12] L. I. Smith “A Tutorial on Principal Component Analysis.” Available at: http://csnet.otago.ac.nz
/cosc453/student_tutorials/principal_components.pdf. Accessed 2013-11-08.
[13] X.-Y. Wang and C.-Y. Cui, A novel image watermarking scheme against desynchronization attacks
by SVR revision, Journal of Visual Communication and Image Representation, vol. 19, pp. 334-342,
2008.
[14] A. Zainal, M. Aizaini Maarof and S. Shamsuddin, “Feature selection using rough set in intrusion
detection”, Tencon 2006, IEEE Region Conference, pp.1-4, 2006.
[15] L. Chun-hua, L. Zheng-ding and Z. Ke, An image watermarking technique based on support vector
regression, IEEE International Symposium on, Communications and Information Technology, vol. 1,
pp. 183-186, 2005.
[16] T. Hastie, R.Tibshirani, and J.Friedman, “The Elements of Statistical Learning: Data Mining,
Inference, and Prediction,” Springer, New York, 2001
[17] M. Tavallaee, E. Bagheri, W. Lu, and A.A. Ghorbani, “A detailed analysis of the KDD CUP 99 data
set”, Proceedings of the Second IEEE international conference on Computational intelligence for
security and defense applications, Ottawa, Ontario, Canada: IEEE Press, pp. 53-58, 2009
[18] S. Albayrak,F Amasyali., “Fuzzy c-Means Clustering on Medical Diagnostic Systems,” International
XII. Turkish Symposium on Artificial Intelligence and Neural Networks –TAINN, 2003.
[19] G. R. Zargar, P. Kabiri, “Selection of Effective Network Parameters in Attacks for Intrusion
Detection, ICDM 2010, pp. 643-652, 2010.
[20] A. H. Sung, and S. Mukkamala, “The Feature Selection and Intrusion Detection Problems”, Springer
Verlag Lecture Notes Computer Science 3321, pp. 468-482, 2004.
[21] J. H. Friedman, “Multivariate Adaptive Regression Splines”, Annals of Statistics 19, PP 1-67, 1991.
[22] H. G. Kayacık, A. N. Zincir-Heywood, and M. I. Heywood, “Selecting Features for Intrusion
Detection: A Feature Relevance Analysis on KDD 99 Intrusion Detection Datasets,” in Third Annual
Conference on Privacy, Security and Trust , St. Andrews, New Brunswick, Canada, 2005.
[23]A. Iftikhar, B. Azween , A. Abdullah, M. Hussain: “Optimized intrusion detection mechanism using
soft computing techniques,” Telecommunication Systems, vol. 52, no. 4, pp. 2187-2195, 2013.