A Comprehensive Investigation on the Identification of Real and Encrypted Synthetic Network Attacks using Machine Learning Algorithms
Abstract
Network Intrusion Detection Systems (NIDS) are enhanced and updated consistently, but at the same time network intruders and hackers are also modernizing and renovating their methodologies. Hence, it is very important to develop novel Intrusion Detection Systems that can deal with heterogeneous network attacks. Recent research indicates that Intrusion Detection Systems powered by Machine Learning techniques can curb these issues to a great extent, but there is still a long way to go. Several distinguished models and algorithms exist that are capable of detecting network attacks. Most existing research focuses on building a robust system against common and prevalent network attack categories, and these approaches do not extend to some peculiar and menacing network attacks, which are often encrypted to spoof the Intrusion Detection Systems. Hence, we propose an effective Decision Tree model that is capable of detecting such attacks with nearly 100% accuracy. We have also investigated and presented a comparative study of more than 10 machine learning models using one of the latest datasets, HIKARI-2021 [1]. Moreover, existing research, particularly work dealing with encrypted attacks, does not explicitly indicate the detection accuracy for the encrypted network attack category, and hence we have also evaluated individual network attack categories for various machine learning approaches.
Article Details
Upon receipt of accepted manuscripts, authors will be invited to complete a copyright license to publish the paper. At least the corresponding author must send the signed copyright form for publication. It is a condition of publication that authors grant an exclusive licence to the INFOCOMP Journal of Computer Science. This ensures that requests from third parties to reproduce articles are handled efficiently and consistently and will also allow the article to be as widely disseminated as possible. In assigning the copyright license, authors may use their own material in other publications and ensure that the INFOCOMP Journal of Computer Science is acknowledged as the original publication place.
References
[1] A. Ferriyan, A. H. Thamrin, K. Takeda, and J. Murai, “Generating Network Intrusion Detection Dataset Based on Real and Encrypted Synthetic Attack Traffic,” Applied Sciences, vol. 11, no. 17, p. 7868, Aug. 2021, doi: https://doi.org/10.3390/app11177868.
[2] R. Sekar, Y. Guang, S. Verma, and T. Shanbhag. 1999. A high-performance network intrusion detection system. In Proceedings of the th ACM conference on Computer and communications security (CCS ’99). Association for Computing Machinery, New York, NY, USA, 8–17. https://doi.org/10.1145/319709.319712
[3] J. Shun and H. A. Malki, “Network Intrusion Detection System Using Neural Networks,” 2008 Fourth International Conference on Natural Computation, Jinan, China, 2008, pp. 242-246, doi: 1109/ICNC.2008.900.
[4] Sultana, N., Chilamkurti, N., Peng, W. et al. Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Netw. Appl. 12, 493–501 (2019). https://doi.org/10.1007/s12083-017-0630-0
[5] C. Sinclair, L. Pierce and S. Matzner, “An application of machine learning to network intrusion detection,” Proceedings 15th Annual Computer Security Applications Conference (ACSAC’99), Phoenix, AZ, USA, 1999, pp. 371-377, doi: 10.1109/CSAC.1999.816048.
[6] K. A. Taher, B. Mohammed Yasin Jisan and M. M. Rahman, “Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection,” 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST), Dhaka, Bangladesh, 2019, pp. 643-646, doi: 10.1109/ICREST.2019.8644161.
[7] R. Sommer and V. Paxson, “Outside the Closed World: On Using Machine Learning for Network Intrusion Detection,” 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 2010, pp. 305-316, doi: 10.1109/SP.2010.25.
[8] A. Al-Hababi and S. C. Tokgoz, “Man-in-the-Middle Attacks to Detect and Identify Services in Encrypted Network Flows using Machine Learning,” 3rd International Conference on Advanced Communication Technologies and Networking (CommNet), Marrakech, Morocco, 2020, pp. 1-5, doi: 10.1109/CommNet49926.2020.9199617.
[9] M. Conti, L. V. Mancini, R. Spolaor and N. V. Verde, “Analyzing Android Encrypted Network Traffic to Identify User Actions,” in IEEE Transactions on Information Forensics and Security, vol. 11, no. 1, pp. -125, Jan. 2016, doi: 10.1109/TIFS.2015.2478741.
[10] M. Shen et al., “Machine Learning-Powered Encrypted Network Traffic Analysis: A Comprehensive Survey,” in IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 791-824, Firstquarter 2023, doi: 1109/COMST.2022.3208196.
[11] M. H. L. Louk and B. A. Tama, “Dual-IDS: A bagging-based gradient boosting Decision Tree model for network anomaly intrusion detection system,” Expert Systems with Applications, vol. 213, p. 119030, Mar. , doi: https://doi.org/10.1016/j.eswa.2022.119030.
[12] R. Fernandes and N. Lopes, “Network Intrusion Detection Packet Classification with the HIKARI-2021 Dataset: a study on ML Algorithms,” 10th International Symposium on Digital Forensics and Security (ISDFS), Istanbul, Turkey, 2022, pp. 1-5, doi: 10.1109/ISDFS55398.2022.9800807.
[13] KDD99 Dataset. UCI KDD Archive. 1999. Available online: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (accessed on 10 November 2022).
[14] N. Moustafa and J. Slay, “UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” Military Communications and Information Systems Conference (MilCIS), Canberra, ACT, Australia, 2015, pp. 1-6, doi: 10.1109/MilCIS.2015.7348942.
[15] Sharafaldin, Iman et al. “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization.” International Conference on Information Systems Security and Privacy (2018).
[16] S. R. Safavian and D. Landgrebe, “A survey of Decision Tree classifier methodology,” in IEEE Transactions on Systems, Man, and Cybernetics, vol. 21, no. 3, pp. 660-674, May-June 1991, doi: 10.1109/21.97458.
[17] P. H. Swain and H. Hauska, “The Decision Tree classifier: Design and potential,” in IEEE Transactions on Geoscience Electronics, vol. 15, no. , pp. 142-147, July 1977, doi: 10.1109/TGE.1977.6498972.
[18] Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, Oct. 2020, doi: