Research Article Open Access

Improved Intrusion Detection System to Alleviate Attacks on DNS Service

Hani Mahmoud Al-Mimi1, Nesreen Adnan Hamad2, Mosleh Mohammad Abualhaj3, Sumaya Nabil Al-Khatib3 and Mohammad Osama Hiari3
  • 1 Department of Cybersecurity, Faculty of Science and Information Technology, Al-Zaytooanh University of Jordan, Amman, Jordan
  • 2 Department of Artificial Intelligence, Faculty of Science and Information Technology, Al-Zaytooanh University of Jordan, Amman, Jordan
  • 3 Department of Networks and Cybersecurity, Al-Ahliyya Amman University, Amman, Jordan

Abstract

Cybercriminals continuously devise new and more sophisticated ways to attack their targets’ security and cyberattacks are on the rise. One of the earliest and most vulnerable network services is the Domain Name System (DNS), which has had several security issues that have been repeatedly exploited over time. Building a strong Intrusion Detection System (IDS) that guards against unwanted access to network resources is essential to identify DNS attacks in the network and safeguard data. Recently, a number of interesting approaches have been developed as a cure-all for intrusion detection, but constructing a safe DNS system remains difficult because attackers frequently alter their tactics to move around the system’s security measures. In this study, we provide a self-learning model that detects the new attacks on DNS using machine learning classifiers. Support Vector Machine (SVM), K-nearest neighbor, Naive Bayes, and Decision Tree are used in the proposed model to classify data as intrusive or normal. The UNSW_NB15 dataset is used to assess the model performance. Data are pre-processed to eliminate irrelevant attributes from the dataset given that the dimensions of the data affect the success of an IDS. Empirical findings show that SVM and Decision Tree have the best performance for all the classifiers, with an accuracy rate of 99.99%. The performance of Naive Bayes is 99.89% for all attack types, which is the lowest of all the classifiers.

Journal of Computer Science
Volume 19 No. 12, 2023, 1549-1560

DOI: https://doi.org/10.3844/jcssp.2023.1549.1560

Submitted On: 26 June 2023 Published On: 9 November 2023

How to Cite: Al-Mimi, H. M., Hamad, N. A., Abualhaj, M. M., Al-Khatib, S. N. & Hiari, M. O. (2023). Improved Intrusion Detection System to Alleviate Attacks on DNS Service. Journal of Computer Science, 19(12), 1549-1560. https://doi.org/10.3844/jcssp.2023.1549.1560

  • 1,591 Views
  • 836 Downloads
  • 4 Citations

Download

Keywords

  • Machine Learning
  • DNS Attacks
  • IDS Systems
  • UNSW_NB15 Dataset