A detailed analysis of CICIDS2017 dataset for designing Intrusion Detection Systems

  • Abstract
  • Keywords
  • References
  • PDF
  • Abstract

    Many Intrusion Detection Systems (IDS) has been proposed in the current decade. To evaluate the effectiveness of the IDS Canadian Institute of Cybersecurity presented a state of art dataset named CICIDS2017, consisting of latest threats and features. The dataset draws attention of many researchers as it represents threats which were not addressed by the older datasets. While undertaking an experimental research on CICIDS2017, it has been found that the dataset has few major shortcomings. These issues are sufficient enough to biased the detection engine of any typical IDS. This paper explores the detailed characteristics of CICIDS2017 dataset and outlines issues inherent to it.Finally, it also presents a combined dataset by eliminating such issues for better classification and detection of any future intrusion detection engine.




  • Keywords

    CICIDS2017, Intrusion Detection Systems, IDS, Class Imbalance Problem, Recent Dataset for IDS

  • References

      [1] Mehmed Kantardzic; Jozef Zurada, "Using Data Mining for Intrusion Detection," in Next Generation of Data-Mining Applications , , IEEE, 2005, pp. doi: 10.1109/9780471696650.ch22.

      [2] R. A. Kemmerer and G. Vigna, “Intrusion Detection: A Brief History and Overview,” Computer Society, Vol. 35, No. 4, 2002, doi: 10.1109/MC.2005

      [3] Christos Douligeris; Dimitrios N. Serpanos, "Intrusion Detection Versus Intrusion Protection," in Network Security: Current Status and Future Directions, IEEE, 2007, pp. doi: 10.1002/9780470099742.ch7

      [4] Seppo J. Ovaska, "Intrusion Detection for Computer Security," in Computationally Intelligent Hybrid Systems: The Fusion of Soft Computing and Hard Computing, IEEE, 2005, pp. doi: 10.1002/9780471683407.ch8

      [5] Farooq Anjum; Petros Mouchtaris, "Intrusion Detection Systems," in Security for Wireless Ad Hoc Networks, Wiley, 2007, pp. doi: 10.1002/9780470118474.ch5

      [6] M. Tavallaee, E. Bagheri, W. Lu and A. A. Ghorbani, "A de-tailed analysis of the KDD CUP 99 data set," 2009 IEEE Sym-posium on Computational Intelligence for Security and De-fense Applications, Ottawa, ON, 2009, pp. 1-6. doi: 10.1109/CISDA.2009.5356528

      [7] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorba-ni, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization”, 4th International Confer-ence on Information Systems Security and Privacy (ICISSP), Purtogal, January 2018

      [8] C. Mera and J. William Branch, "A Survey on Class Imbalance Learning on Automatic Visual Inspection," in IEEE Latin America Transactions, vol. 12, no. 4, pp. 657-667, June 2014. doi: 10.1109/TLA.2014.6868867.

      [9] S. Wang, L. L. Minku and X. Yao, "A Systematic Study of Online Class Imbalance Learning with Concept Drift," in IEEE Transactions on Neural Networks and Learning Systems. doi: 10.1109/TNNLS.2017.2771290.

      [10] Q. Song, Y. Guo and M. Shepperd, "A Comprehensive Inves-tigation of the Role of Imbalanced Learning for Software De-fect Prediction," in IEEE Transactions on Software Engineer-ing. doi: 10.1109/TSE.2018.2836442.

      [11] S. Wang and X. Yao, "Multiclass Imbalance Problems: Analy-sis and Potential Solutions," in IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics), vol. 42, no. 4, pp. 1119-1130, Aug. 2012. doi: 10.1109/TSMCB.2012.2187280

      [12] Benjamin J. Radford, Bartley D. Richardson, Shawn E. Davis. Sequence Aggregation Rules for Anomaly Detection in Com-puter Network Traffic. American Statistical Association 2018 Symposium on Data Science and Statistics, May 2018, pp. 1-13.

      [13] R. Vijayanand, D. Devaraj, B. Kannapiran, Intrusion detection system for wireless mesh network using multiple support vec-tor machine classifiers with genetic-algorithm-based feature selection, Computers & Security, Volume 77, 2018, Pages 304-314, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2018.04.010.

      [14] L.Nicholas, S.Y. Ooi, Y.H. Pang, S.O. Hwang, S.Tan, "Study of long short-term memory in flow-based network intrusion detection system", Journal of Intelligent & Fuzzy Systems, vol. Pre-press, no. Pre-press, pp. 1-11, 2018, doi: 10.3233/JIFS-169836

      [15] A. Gharib, I. Sharafaldin, A. H. Lashkari and A. A. Ghorbani, "An Evaluation Framework for Intrusion Detection Dataset," 2016 International Conference on Information Science and Security (ICISS), IEEE Thailand, 2016, pp. 1-6.

      [16] M. Galar, A. Fernandez, E. Barrenechea, H. Bustince and F. Herrera, "A Review on Ensembles for the Class Imbalance Problem: Bagging-, Boosting-, and Hybrid-Based Approach-es," in IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), vol. 42, no. 4, pp. 463-484, July 2012. doi: 10.1109/TSMCC.2011.2161285

      [17] R. Longadge,S.S. Dongre,L. Malik, "Class Imbalance Problem in Data Mining: Review", International Journal of Computer Science and Network (IJCSN), Volume 2, Issue 1, February 2013, ISSN 2277-5420

      [18] S.M.A. Elrahman and A. Abraham, A Review of Class Imbal-ance Problem, Journal of Network and Innovative Computing, ISSN 2160-2174, Volume 1 (2013) pp. 332-340

      [19] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorba-ni, Intrusion Detection Evaluation Dataset (CICIDS2017), Ca-nadian Institute of Cybersecurity, http://www.unb.ca/cic/datasets/ids-2017.html, Accessed on: 13/04/2018

      [20] Nallapaneni Manoj Kumar, Pradeep Kumar Mallick, “Blockchain technology for security issues and challenges in IoT”, Elsevier Procedia Computer Science Journal, Volume 132, Pages 1815-1823 , 2018, ISSN:1877-0509, UGC Sl No: 46138 and 48229, DOI: https://doi.org/10.1016/j.procs.2018.05.140.




Article ID: 22797
DOI: 10.14419/ijet.v7i3.24.22797

Copyright © 2012-2015 Science Publishing Corporation Inc. All rights reserved.