Hybrid Intelligent Intrusion Detection System

Authors: Norbik Bashah Idris, Bharanidharan Shanmugam, Abdul Manan Ahmed

Abstract:

Intrusion Detection Systems are increasingly a key part of systems defense. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Artificial Intelligence plays a driving role in security services. This paper proposes a dynamic model, the Intelligent Intrusion Detection System, based on a specific AI approach to intrusion detection. The techniques being investigated include neural networks and fuzzy logic with network profiling, which uses simple data mining techniques to process the network data. The proposed system is a hybrid system that combines anomaly, misuse and host-based detection. Simple fuzzy rules allow us to construct if-then rules that reflect common ways of describing security attacks. For host-based intrusion detection we use neural networks along with self-organizing maps. Suspicious intrusions can be traced back to their original source path, and any traffic from that particular source will be redirected back to it in future. Both network traffic and system audit data are used as inputs for both.

Keywords: Intrusion Detection, Network Security, Data mining, Fuzzy Logic.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1061258

