A Review on Soft Computing Technique in Intrusion Detection System

Authors: Noor Suhana Sulaiman, Rohani Abu Bakar, Norrozila Sulaiman

Abstract:

An Intrusion Detection System (IDS) is significant in network security. It detects and identifies intrusion behavior or intrusion attempts in a computer system by monitoring and analyzing network packets in real time. In recent years, intelligent algorithms applied in the IDS have been of increasing concern with the rapid growth of network security. An IDS deals with a huge amount of data containing irrelevant and redundant features, which cause slow training and testing, higher resource consumption, and a poor detection rate. Since the amount of audit data that an IDS needs to examine is very large even for a small network, classification by hand is impossible. Hence, the primary objective of this review is to survey the techniques applied prior to the classification process that suit IDS data.

Keywords: Intrusion Detection System, security, soft computing, classification.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1081295

