Improved Intrusion Detection System to Alleviate Attacks on DNS Service
- 1 Department of Cybersecurity, Faculty of Science and Information Technology, Al-Zaytooanh University of Jordan, Amman, Jordan
- 2 Department of Artificial Intelligence, Faculty of Science and Information Technology, Al-Zaytooanh University of Jordan, Amman, Jordan
- 3 Department of Networks and Cybersecurity, Al-Ahliyya Amman University, Amman, Jordan
Abstract
Cybercriminals continuously devise new and more sophisticated ways to attack their targets’ security and cyberattacks are on the rise. One of the earliest and most vulnerable network services is the Domain Name System (DNS), which has had several security issues that have been repeatedly exploited over time. Building a strong Intrusion Detection System (IDS) that guards against unwanted access to network resources is essential to identify DNS attacks in the network and safeguard data. Recently, a number of interesting approaches have been developed as a cure-all for intrusion detection, but constructing a safe DNS system remains difficult because attackers frequently alter their tactics to move around the system’s security measures. In this study, we provide a self-learning model that detects the new attacks on DNS using machine learning classifiers. Support Vector Machine (SVM), K-nearest neighbor, Naive Bayes, and Decision Tree are used in the proposed model to classify data as intrusive or normal. The UNSW_NB15 dataset is used to assess the model performance. Data are pre-processed to eliminate irrelevant attributes from the dataset given that the dimensions of the data affect the success of an IDS. Empirical findings show that SVM and Decision Tree have the best performance for all the classifiers, with an accuracy rate of 99.99%. The performance of Naive Bayes is 99.89% for all attack types, which is the lowest of all the classifiers.
DOI: https://doi.org/10.3844/jcssp.2023.1549.1560
Copyright: © 2023 Hani Mahmoud Al-Mimi, Nesreen Adnan Hamad, Mosleh Mohammad Abualhaj, Sumaya Nabil Al-Khatib and Mohammad Osama Hiari. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 1,591 Views
- 836 Downloads
- 4 Citations
Download
Keywords
- Machine Learning
- DNS Attacks
- IDS Systems
- UNSW_NB15 Dataset