Decentralized Hybrid Intrusion Detection System for Cyber Attack Identification using Machine Learning

Decentralized Hybrid Intrusion Detection System for Cyber Attack Identification using Machine Learning

연구 분야: Safety

학회: 2023 International Conference on Data Science, Agents & Artificial Intelligence (ICDSAAI)

This research proposes a hybrid intrusion detection system that uses machine learning, file integrity monitoring, anomaly-based and signature-based rootkit detection, and signature-and anomaly-based detection. A distributed architecture is also used in my research to share real-time threat intelligence among numerous nodes. The system offers proactive response methods for automatic incident response, endpoint quarantine, and improved detection capabilities.This hybrid intrusion detection system combines rule-based and machine-learning algorithms to detect and prevent cyberattacks better. The system utilizes decentralized storage and distribution of alerts, improving scalability and availability. The main objective of this project is to develop highly effective and efficient IDS that can detect and prevent cyber attacks in real time. The proposed hybrid approach combines rule-based and machine-learning algorithms to achieve better detection rates and reduce false positives. The system architecture consists of a central server and multiple agents deployed across the network to collect data from various sources. The collected data is analyzed using rule-based and machine-learning techniques to identify potential threats. Alerts are then sent to the central server, which distributes them to the relevant agents for further analysis and response.The machine learning models are trained using a large dataset of normal and attack traffic, and the system continuously learns and adapts to new attack techniques. Using decentralized storage ensures that alerts are always available, even during network disruptions or server failures. The effectiveness of the proposed system was evaluated using various performance metrics, including detection rate, false positive rate, and response time.The results indicate the system achieves high detection rates while minimizing false positives and response times. Overall, the proposed system provides a comprehensive solution for intrusion detec... Show More