Mapping Network Features to Attack Profiles to Enhance Real-Time Intrusion Detection

The immeasurable amount of data in network traffic has increased its vulnerability. Monitoring and analyzing traffic for threat hunting is therefore inevitable. Capturing and analyzing real-time network traffic is challenging because of privacy and storage-space concerns, but many simulated datasets are available, and machine-learning-based intrusion detection systems (IDS) are trained on these datasets for attack detection. Selecting the correct features is of significant importance in determining the efficiency of ML-based algorithms. Hence, this paper provides a literature survey of machine-learning-based IDS. The survey identifies the features, attacks, machine learning algorithms and corresponding datasets used in that work, and may help researchers identify benchmark features correlated with network attacks. After a comprehensive survey, we selected one of the papers and ran our experiments on the feature set advised by its author. We reduced the feature set further and defined a unique dataset corresponding to each attack. The reduced datasets further enhanced the efficiency of the model by reducing execution time and improving space complexity. At the time of writing this thesis paper, there is no such IDS that associates network features with attacks.