Machine Learning-Driven Intrusion Detection: Enhancing Security Against Brute Force Attacks
Keywords:
Intrusion Detection System (IDS), SSH, FTP
Abstract
With the rise in internet usage, networks face increasing cyber threats, particularly brute force attacks on services like SSH and FTP. The project "Castpone" aims to develop a Machine Learning-based Intrusion Detection System (IDS) to efficiently detect such attacks. Utilizing the CSE-CIC-IDS2018 dataset and a custom data capture setup, the approach involves traffic acquisition, feature extraction via CICFlowMeter, preprocessing, and intelligent feature selection. Multiple classifiers—Decision Tree, Random Forest, Naïve Bayes, K-Nearest Neighbors, and Multi-Layer Perceptron—were evaluated using metrics like Precision, Recall, F1-Score, Accuracy, and computational efficiency. Decision Tree and Random Forest models outperformed others, proving effective for real-time intrusion detection due to their speed and accuracy. The study underscores the importance of model selection and feature engineering, with Random Forest-based feature selection reducing overhead without sacrificing performance. Overall, "Castpone" lays the groundwork for scalable, adaptive IDS solutions suitable for evolving cybersecurity landscapes.