# Revision Paper Assignment | Homework Help Websites

Remove plagiarism. Paraphrase like 600 words.

Don't use plagiarized sources. Get Your Assignment on
Revision Paper Assignment | Homework Help Websites
Just from \$13/Page

NB: Do not change the meaning of the content.

## Statistical techniques

In Statistics based IDS, the behavior of the system is represented from a random viewpoint and the network traffic activity is captured and a profile representing its stochastic behavior is created. This profile is based on metrics such as the traffic rate, the number of packets for each protocol, the rate of connections, the number of different IP addresses, etc. Two datasets of network traffic are considered during the anomaly detection process: one corresponds to the currently observed profile over time, and the other is for the previously trained statistical profile. As the network events occur, the current profile is determined and an anomaly score estimated by comparison of the two behaviors. The score normally indicates the degree of irregularity for a specific event, such that the intrusion detection system will flag the occurrence of an anomaly when the score surpasses a certain threshold.

The earliest statistical approaches, both network oriented and host oriented IDS, corresponded to univariate models, which modelled the parameters as independent Gaussian random variables, thus defining an acceptable range of values for every variable. Later, multivariate models that consider the correlations between two or more metrics were proposed. These are useful because experimental data have shown that a better level of discrimination can be obtained from combinations of related measures rather than individually. Other studies have considered time series models, which use an interval timer, together with an event counter or resource measure, and take into account the order and the inter-arrival times of the observations as well as their values. Thus, an observed traffic instance will be labelled as abnormal if its probability of occurrence is too low at a given time.

Apart from their inherent features for use as anomaly based techniques, statistical A-NIDS approaches have a number of virtues. Firstly, they do not require prior knowledge about the normal activity of the target system; instead, they have the ability to learn the expected behavior of the system from observations. Secondly, statistical methods can provide accurate notification of malicious activities occurring over long periods of time. However, some drawbacks should also be pointed out. First, this kind of A-NIDS is susceptible to be trained by an attacker in such a way that the network traffic generated during the attack is considered as normal. Second, setting the values of the different parameters/metrics is a difficult task, especially because the balance between false positives and false negatives is affected. Moreover, a statistical distribution per variable is assumed, but not all behaviors can be modelled by using stochastic methods. Furthermore, most of these schemes rely on the assumption of a quasi-stationary process, which is not always realistic.

## 2.3.2.3 Knowledge based techniques

Knowledge based IDS techniques try to capture the claimed behavior from available system data (protocol specifications, network traffic instances, etc.). The so-called expert system approach is one of the most widely used knowledge-based IDS schemes. However, like other A-NIDS methodologies, expert systems can also be classified into other, different categories .Expert systems are intended to classify the audit data according to a set of rules, involving three steps. First, different attributes and classes are identified from the training data. Second, a set of classification rules, parameters or procedures are deduced. Third, the audit data are classified accordingly.

More restrictive/particular in some senses are specification based anomaly methods, for which the desired model is manually constructed by a human expert, in terms of a set of rules (the specifications) that seek to determine legitimate system behavior. If the specifications are complete enough, the model will be able to detect illegitimate behavioral patterns. Moreover, the number of false positives is reduced, mainly because this kind of system avoids the problem of harmless activities, not previously observed, being reported as intrusions. The most significant advantages of current approaches to anomaly detection are those of robustness and flexibility. Their main drawback is that the development of high-quality knowledge is often difficult and time-consuming. This problem, however, is common to other A-NIDS

## Markov Chain Model

A Markov model is a stochastic model used to model sequential or temporal randomly changing systems. It enables computation and reasoning with the model that are not easily solved or managed and gives a method to model the dependencies of the current information with previous information[93]. It is composed of emission of output, states and transition scheme between states. Patterns recognition, learning statistics of sequential data and performing estimation and prediction are the goals that Markov model accomplishes[94]. Hidden Markov model (HMM) is a stochastic model and a Markov technique where the states of the model are hidden with each state emitting observable output. It is a statistical model where the system being modelled is assumed to be a Markov process with unknown parameters. It allows variant structures to be modelled directly, allows more sequences to be significantly found, helps in generating alignments that corresponds each machine to one column in the alignment, and it ensures that models are readable.

The problem with Markov model is to determine the hidden parameters from the observable parameters and difficulty in solving and managing models. Unlike a regular Markov model, where the state transition probabilities are the only parameters and the state of the system is directly observable, in a hidden Markov model, the only visible elements are the variables of the system that are influenced by the state of the system, and the state of the system itself is hidden[95]. Computing Markov model memory and time algorithm is relatively expensive, in every sequence there are many HMMs thus difficult to choose and lacks one-to-one correspondence between symbols and states.

## Feature selection

Feature selection (FS) is a process of chucking out the irrel­evant and redundant features from the total feature space during the Pre-Processing step[152]. Moreover it reduces the negative effect on the actual machine learning algorithms[153]. Feature subset selection methodologies are broadly cat­egorized into, the filter method and the wrapper method.

The selection of feature subset in filter method is entirely dependent on the characteristics of the data­set not on the induction algorithm. Moreover, there are two directional approaches followed by filter method are forward selection and backward selection in sequential order[154]. In Sequential Forward Selection, we initiate with an empty set and insert rest of the features one by one. In Sequential backward selection, we initiate with full set of features and remove them one by one[155]. However wrapper method is entirely dependent on the induction algorithm, i.e. a predestined classifier is implemented to assess the selected set of features.

The Feature Selection is a renowned dimensionality reduction techniques for a given feature space. In dimensionality reduction mechanism a subset of the most pertinent features that contributes in machine learning process are chosen and other inappropriate and repetitive features are deleted[156]. A single irrelevant feature in the dataset tends to confuses ML process. Before the learning phase all the irrelevant features are removed in pre-processing phase, to reduce the adverse impact of these unrelated features on the classification algorithms[157]. The Feature reduction techniques have been readily iden­tified in the areas of ML and data mining for years.

## 3.5.2.1 Best First

This search strategy searches the subsets from feature space by using greedy hill climbing ampli­fied with backtracking. The intensity of backtracking may be controlled by locating an amount of successive non-improving nodes[162]. This search method works both in SFS and SBE mode or may start from any random point and search bidirectional. Therefore it have vari­ous control panels like direction, Search termination, start set and lookup Cache Size etc.

## 3.5.2.2 Greedy-step wise

Performs search of subset from the feature space in forward as well as in backward direc­tion using greedy hill climbing without backtracking facility[163]. It can also generate record of ranked features by scanning the feature space from one end to other end making the record of the order in which the fea­tures were selected.

## 3.5.2.3 Scatter search VI

It uses sequential scatter search algorithm for finding out the subsets in feature space. It starts with some significant and diverse subsets and stops depending on some threshold value or when no improvement is revealed[164]. Some of the control panels it have are combinations, seed and threshold.

Pages (550 words)
Approximate price: -

Why Choose Us

Quality Papers

At Myhomeworkwriters.com, we always aim at 100% customer satisfaction. As such, we never compromise o the quality of our homework services. Our homework helpers ensure that they craft each paper carefully to match the requirements of the instruction form.

With Myhomeworkwriters.com, every student is guaranteed high-quality, professionally written papers. We ensure that we hire individuals with high academic qualifications who can maintain our quality policy. These writers undergo further training to sharpen their writing skills, making them more competent in writing academic papers.

Affordable Prices

Our company maintains a fair pricing system for all academic writing services to ensure affordability. Our pricing system generates quotations based on the properties of individual papers.

On-Time delivery

My Homework Writers guarantees all students of swift delivery of papers. We understand that time is an essential factor in the academic world. Therefore, we ensure that we deliver the paper on or before the agreed date to give students ample time for reviewing.

100% Originality

Myhomeworkwriters.com maintains a zero-plagiarism policy in all papers. As such, My Homework Writers professional academic writers ensure that they use the students’ instructions to deliver plagiarism-free papers. We are very keen on avoiding any chance of similarities with previous papers.

Our customer support works around the clock to provide students with assistance or guidance at any time of the day. Students can always communicate with us through our live chat system or our email and receive instant responses. Feel free to contact us via the Chat window or support email: support@myhomeworkwriters.com.

Try it now!

## Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
\$0.00

How it works?

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Our Homework Writing Services

My Homework Writers holds a reputation for being a platform that provides high-quality homework writing services. All you need to do is provide us with all the necessary requirements of the paper and wait for quality results.

## Essay Writing Services

At My Homework Writers, we have highly qualified academic gurus who will offer great assistance towards completing your essays. Our homework writing service providers are well-versed with all the aspects of developing high-quality and relevant essays.

With Myhomeworkwriters.com, we will help you secure a position at your desired institution. Our essay writing services include the crafting of admissions papers. We will still help you climb your career ladder by helping you write the official papers that will help you secure a job. We will guide you on how to write an outstanding portfolio or resume.

Myhomeworkwriters.com has a professional editorial team that will help you organize your paper, paraphrase it, and eliminate any possible mistakes. Also, we will help you check on plagiarism to ensure that your final paper posses quality and originality.

Technical papers

My Homework Writers harbors professional academic writers from diverse academic disciplines. As such, we can develop homework writing services in all academic areas. The simplicity or complexity of the paper does not affect the quality of homework writing services.