Anomaly-based Intrusion Detection in Computer Networks Using Machine Learning Techniques
DOI: https://doi.org/10.52575/2687-0932-2025-52-2-465-475
Keywords: computer networks, intrusion detection system, anomalies, machine learning
Abstract
The relevance of this paper stems from the need to detect malicious activity and intrusions into a network or device as part of countering and suppressing cyberattacks and cybercrime. The proposed software is a network-level intrusion detection system that uses an anomaly-based approach to interpret network traffic, operating in passive response and passive data retrieval modes. The architecture of the proposed network-based intrusion detection system consists of a module that listens to transmitted and received data packets and stores them as a dataset, an analysis and response module, and a user interface module. During development, we prepared data for subsequent training of the system and determined how the records in the selected training dataset are formed. Based on those mechanisms, we implemented an algorithm that listens to network packets and builds a new test dataset in the same format. Common machine learning algorithms were applied in the analysis and response module, which contains a handler that lets the user select and run the desired algorithm. To evaluate the quality of the classification algorithms, network attacks on the protected computer networks were simulated. Testing was conducted on a balanced dataset in a network free of attacks, while the pre-trained algorithms were then tested in a network both with and without attacks. The pre-trained algorithms showed acceptably high accuracy.
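As an added illustration of the analysis-and-response module the abstract describes (this is not the paper's code; the flow feature layout, the flow records and both detectors are constructed assumptions), the following Python shows a handler that lets the user select an anomaly detector trained on attack-free traffic and evaluates it on a balanced test set, including the false positive that an unusual but benign bulk transfer produces:

```python
# Added example, not the paper's code: selectable anomaly detectors over constructed flow records.
import math
import statistics

# Constructed attack-free baseline; features: (duration_s, packets, bytes, syn_ratio).
TRAIN_BENIGN = [
    (1.2, 10, 1500, 0.10), (0.8, 8, 1200, 0.12), (2.0, 14, 2100, 0.07),
    (1.5, 12, 1800, 0.08), (0.9, 9, 1350, 0.11), (1.7, 13, 1950, 0.08),
    (1.1, 11, 1650, 0.09), (1.4, 10, 1500, 0.10),
]
# Constructed balanced test set: 4 benign flows (one unusual bulk download, label 0)
# and 4 flows shaped like SYN-flood / port-scan traffic (label 1).
TEST = [
    ((1.3, 11, 1600, 0.09), 0), ((1.0, 9, 1400, 0.11), 0),
    ((1.8, 13, 2000, 0.08), 0), ((30.0, 2000, 3_000_000, 0.01), 0),
    ((0.1, 400, 24000, 1.0), 1), ((0.2, 350, 21000, 0.98), 1),
    ((0.05, 60, 3600, 1.0), 1), ((0.3, 9, 1400, 0.95), 1),
]

def fit_scaler(flows):
    """Per-feature mean/std of the benign baseline; z-scoring keeps the
    byte count from dominating the small-valued syn_ratio feature."""
    cols = list(zip(*flows))
    mean = [statistics.mean(c) for c in cols]
    std = [statistics.stdev(c) or 1.0 for c in cols]
    return lambda f: [(v - m) / s for v, m, s in zip(f, mean, std)]

def zscore_detector(train, scale):
    # Score = largest absolute deviation from the baseline on any single feature.
    return lambda f: max(abs(z) for z in scale(f))

def knn_detector(train, scale):
    # Score = Euclidean distance to the nearest known-benign flow in z-space.
    base = [scale(f) for f in train]
    return lambda f: min(math.dist(scale(f), b) for b in base)

DETECTORS = {"zscore": zscore_detector, "knn": knn_detector}

def evaluate(name, threshold=3.0):
    """Handler: build the selected detector, score the balanced test set and
    report accuracy, false positives (benign flagged) and missed attacks."""
    scale = fit_scaler(TRAIN_BENIGN)
    score = DETECTORS[name](TRAIN_BENIGN, scale)
    correct = fp = fn = 0
    for flow, label in TEST:
        flagged = 1 if score(flow) > threshold else 0
        correct += flagged == label
        fp += flagged == 1 and label == 0
        fn += flagged == 0 and label == 1
    return {"accuracy": correct / len(TEST), "false_positives": fp, "missed": fn}
```

Calling `evaluate("zscore")` or `evaluate("knn")` returns the metrics; both detectors catch every constructed attack flow but also flag the bulk download, which is the usual trade-off of a purely anomaly-based approach trained on a baseline that never saw such traffic.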
Copyright (c) 2025 Economics. Information Technologies

This work is licensed under a Creative Commons Attribution 4.0 International License.