Performance Evaluation of Signature Based and Anomaly Based Techniques for Intrusion Detection

  • Conference paper
Intelligent Systems Design and Applications (ISDA 2022)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 717)


Abstract

In the age of information technology, everything is driven by information systems, which allow us to communicate with each other. The Internet acts as the medium of communication among devices: from wrist watches to personal computers, TVs, refrigerators, etc., all are connected. But this comfort comes at the cost of security threats. Hence, it becomes very important to address issues related to security. We propose a hybrid intrusion detection system that combines signature based and anomaly based intrusion detection to address today's needs. While signature based approaches are designed to classify previously known attacks, anomaly detection learns traffic profiles and detects which network packets are normal traffic and which are not. With this ability, the technique also helps to identify zero day attacks. Our approach covers the process from dataset preprocessing to model training and testing, which provides guidance for building any type of Intrusion Detection System (IDS). Our proposed model achieves an accuracy of 99.67 % for the signature based approach and 96.833 % for the anomaly based approach on the CICIDS2017 dataset. Results show substantial scope for real world applications.

Correspondence to Vivek Kumar Agrawal.

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Agrawal, V.K., Rudra, B. (2023). Performance Evaluation of Signature Based and Anomaly Based Techniques for Intrusion Detection. In: Abraham, A., Pllana, S., Casalino, G., Ma, K., Bajaj, A. (eds) Intelligent Systems Design and Applications. ISDA 2022. Lecture Notes in Networks and Systems, vol 717. Springer, Cham. https://doi.org/10.1007/978-3-031-35510-3_47
