Nowadays, with the rapid increase in the number of applications and networks, the number of cyber multi-step attacks has been increasing exponentially. Thus, the need for a reliable and acceptable Intrusion Detection System (IDS) solution is becoming urgent to protect the networks and devices. However, implementing a robust IDS needs a reliable and up-to-date dataset in order to capture the behaviors of the new types of attacks especially a multi-step attack. In this paper, a new benchmark Multi-Step Cyber-Attack Dataset (MSCAD) is introduced. MSCAD includes two multi-step scenarios; the first scenario is a password cracking attack, and the second attack scenario is a volume-based Distributed Denial of Service (DDoS) attack. The MSCAD was assessed in two manners; firstly, the MSCAD was used to train IDS. Then, the performance of IDS was evaluated in terms of G-mean and Area Under Curve (AUC). Secondly, the MSCAD was compared with other free open-source and public datasets based on the latest keys criteria of a dataset evaluation framework. The results show that IDS-based MSCAD achieved the best performance with G-mean 0.83 and obtained good accuracy to detect the attacks. Besides, the MSCAD successfully passing twelve keys criteria.
Mohammad Almseidin, Imre Piller, Mouhammd Al-Kasassbeh and Szilveszter Kovacs, Fuzzy automaton as a detection mechanism for the multi-step attack, International Journal on Advanced Science, Engineering and Information Technology9(2), 2019.
2.
Mohammad Almseidin, Mouhammd Al-Kasassbeh and Szilveszter Kovacs, Detecting slow port scan using fuzzy rule interpolation, In 2019 2nd International Conference on new Trends in Computing Sciences (ICTCS), pages 1–6. IEEE, 2019.
3.
Da-pengMAN, Xue-zhenLI, WuYANG, WeiWANG and Shi-changXUAN, A multi-step attack recognition and prediction method via mining attacks conversion frequencies, Int J Wirel Microw Technol (IJWMT)2(2) (2012), 20–25.
4.
Shigen Shen, Keli Hu, Longjun Huang, Hongjie Li, Risheng Han and Qiying Cao, Quantal response equilibrium-based strategies for intrusion detection in wsns, , Mobile Information Systems2015 (2015).
5.
Yanxue Zhang, Dongmei Zhao and Jinxing Liu, The application of baum-welch algorithm in multistep attack, , The Scientific World Journal2014 (2014).
6.
Mohammad Almseidin, Jamil Al-Sawwa and Mouhammd Alkasassbeh, Anomaly-based intrusion detection system using fuzzy logic, In 2021 International Conference on Information Technology (ICIT), pages 290–295, IEEE, 2021.
7.
Mouhammd Al-Kasassbeh, Mohammad Almseidin, Khaled Alrfou and Szilveszter Kovacs, Detection of iot-botnet attacks using fuzzy rule interpolation, Journal of Intelligent & Fuzzy Systems39 (2020), 421–431.
8.
Shigen Shen, Haiping Zhou, Sheng Feng, Longjun Huang, Jianhua Liu, Shui Yu and Qiying Cao, Hsird: A model for characterizing dynamics of malware diffusion in heterogeneous wsns, Journal of Network and Computer Applications146 (2019), 102420.
9.
Shigen Shen, Longjun Huang, Haiping Zhou, Shui Yu, En Fan and Qiying Cao, Multistage signaling game-based optimal detection strategies for suppressing malware diffusion in fogcloud-based iot networks, IEEE Internet of Things Journal5(2) (2018), 1043–1054.
10.
Haiping Zhou, Shigen Shen and Jianhua Liu, Malware propagation model in wireless sensor networks under attack-defense confrontation, Computer Communications162 (2020), 51–58.
11.
Mohammad Almseidin, Mouhammd Al-kasassbeh and Szilveszter Kovacs, Fuzzy rule interpolation and snmp-mib for emerging network abnormality, International Journal on Advanced Science, Engineering and Information Technology9(3) (2019), 735–744.
12.
Mohammad Almseidin and Szilveszter Kovacs, Intrusion detection mechanism using fuzzy rule interpolation, Journal of Theoretical and Applied Information Technology96(16) (2018), 5473–5488.
13.
Jianhua Liu, XinWang, Shigen Shen, Guangxue Yue, Shui Yu and Minglu Li, A bayesian q-learning game for dependable task offloading against ddos attacks in sensor edge cloud, IEEE Internet of Things Journal8(9) (2020), 7546–7561.
14.
Markus Ring, Sarah Wunderlich, Deniz Scheuring, Dieter Landes and Andreas Hotho, A survey of network-based intrusion detection data sets, Computers and Security86 (2019), 147–167.
15.
Ansam Khraisat, Iqbal Gondal, Peter Vamplew and Joarder Kamruzzaman, Survey of intrusion detection systems: techniques, datasets and challenges, Cybersecurity2(1) (2019), 20.
16.
A taxonomy of network threats and the effect of current datasets on intrusion detection systems, , IEEE Access8 (2020), 104650–104675.
Mahbod Tavallaee, Ebrahim Bagheri, Wei Lu and Ali GhorbaniA., A detailed analysis of the kdd cup 99 data set, In 2009 IEEE symposium on computational intelligence for security and defense applications, pages 1–6. IEEE, 2009.
19.
Ali Shiravi, Hadi Shiravi, Mahbod Tavallaee and Ali GhorbaniA., Toward developing a systematic approach to generate benchmark datasets for intrusion detection, Computers & Security31(3) (2012), 357–374.
20.
Mohammad Almseidin, Maen Alzubi, Mouhammd Alkasassbeh and Szilveszter Kovacs, Applying intrusion detection algorithms on the kdd-99 dataset, , Production Systems and Information Engineering8 (2019), 51–67.
21.
Paul Hick, Emile Aben, Kc Claffy and Josh Polterock, the caida ddos attack 2007 dataset, 2007.
22.
Francesco Gringoli, Luca Salgarelli, Maurizio Dusi, Niccolo Cascarano, Fulvio Risso and ClaffyK.C., Gt: picking up the truth from the ground for internet traffic, ACM SIGCOMM Computer Communication Review39(5) (2009), 12–18.
23.
Mouhammd Alkasassbeh, Ghazi Al-Naymat, Ahmad Hassanat and Mohammad Almseidin, Detecting distributed denial of service attacks using data mining techniques, International Journal of Advanced Computer Science and Applications7(1) (2016), 436–445.
24.
Gideon Creech and Jiankun Hu, A semantic approach to hostbased intrusion detection systems using contiguousand discontiguous system call patterns, IEEE Transactions on Computers63(4) (2013), 807–819.
25.
Iman Sharafaldin, Arash Habibi Lashkari and Ali GhorbaniA., Toward generating a new intrusion detection dataset and intrusion traffic characterization, In ICISSP, pages 108–116, 2018.
26.
Ranjit Panigrahi and Samarjeet Borah, A detailed analysis of cicidsdataset for designing intrusion detection systems, International Journal of Engineering & Technology7(3.24) (2018), 479–482.
27.
Monowar BhuyanH., Dhruba BhattacharyyaK. and Jugal KalitaK., Towards generating real-life datasets for network intrusion detection, IJ Network Security17(6) (2015), 683–701.
28.
Javed Asharf, Nour Moustafa, Hasnat Khurshid, Essam Debie, Waqas Haider and Abdul Wahab, A review of intrusion detection systems using machine and deep learning in internet of things: Challenges, solutions and future directions, Electronics9(7) (2020), 1177.
29.
Shigen Shen, Haiping Zhou, Sheng Feng, Longjun Huang, Jianhua Liu, Shui Yu and Qiying Cao, Hsird: A model for characterizing dynamics of malware diffusion in heterogeneous wsns, Journal of Network and Computer Applications146 (2019), 102420.
30.
Amirhossein Gharib, Iman Sharafaldin, Arash Habibi Lashkari and Ali A. Ghorbani, An evaluation framework for intrusion detection dataset, In 2016 International Conference on Information Science and Security (ICISS), pages 1–6. IEEE, 2016.
31.
Al-SawwaJ. and LudwigS.A., A cost-sensitive centroidbased differential evolution classification algorithm applied to cancer data sets, In 2019 IEEE Symposium Series on Computational Intelligence (SSCI), pages 2514–2521, 2019.
32.
PuriA. and GuptaM.K., Comparative analysis of resampling techniques under noisy imbalanced datasets, In 2019 International Conference on Issues and Challenges in Intelligent Computing Techniques (ICICT), volume 1, pages 1–5, 2019.
33.
Nitesh ChawlaV., Kevin BowyerW., Lawrence HallO. and Philip KegelmeyerW., Smote: synthetic minority oversampling technique, , Journal of Artificial Intelligence Research16 (2002), 321–357.
34.
Hui Han, Wen-Yuan Wang and Bing-Huan Mao, Borderlinesmote: A new over-sampling method in imbalanced data sets learning, In Advances in Intelligent Computing, pages 878–887, Berlin, Heidelberg, 2005. SpringerBerlin Heidelberg.
35.
Gustavo BatistaE.A.P.A., Ronaldo PratiC. and Maria Carolina Monard, A study of the behavior of several methods for balancing machine learning training data, SIGKDD Explor Newsl6(1) (2004), 20–29.
36.
Ajinkya More, Survey of resampling techniques for improving classification performance in unbalanced datasets, 2016.
37.
Jun Ye, Multiple attribute decision-making methods based on the expected value and the similarity measure of hesitant neutrosophic linguistic numbers, {Cognitive Computation10(3) (2018), 454–463.
38.
SamaniR. and DavisG., Mcafee threat report q1, 2019.
