Visumathi, J.
- A Computational Intelligence for Evaluation of Intrusion Detection System
Authors
Affiliations
1 Dept. of CSE, Jeppiaar Engineering College, Chennai, IN
2 Dept. of CSE, RMK Engineering College, Chennai, IN
Source
Indian Journal of Science and Technology, Vol 4, No 1 (2011), Pagination: 40-45
Abstract
Intrusion detection systems work at many levels in the network fabric and are taking the concept of security to a whole new sphere by incorporating intelligence as a tool to protect networks against unauthorized intrusions and newer forms of attack. The intrusion detection system is one of the widely used tools for defense in computer networks. In the literature, plenty of research is published on intrusion detection systems. In this paper we present a survey of intrusion detection systems. We survey the existing types, techniques and approaches of intrusion detection systems in the literature. We propose a new architecture for intrusion detection systems and outline the present research challenges and issues in intrusion detection systems using SVM classifiers. Finally we carry out our experiments based on our proposed methodology using the DARPA (Defense Advanced Research Projects Agency) intrusion detection data set, which is used for IDS evaluation.
Keywords
IDS, Data Mining, Network, DARPA Data Set, SVM
- An Efficient Intrusion Detection System Using Computational Intelligence
Authors
Source
National Journal of System and Information Technology, Vol 3, No 2 (2010), Pagination: 117-126
Abstract
The intrusion detection system is one of the widely used tools for defense in computer networks. In the literature, plenty of research is published on intrusion detection systems. In this paper we present a survey of intrusion detection systems. We survey the existing types, techniques and approaches of intrusion detection systems in the literature. Finally we propose a new architecture for intrusion detection systems and outline the present research challenges and issues in intrusion detection systems.
Keywords
Intrusion Detection, Neural Network, Fuzzy logic, Artificial Intelligence, Honeypot, Data Mining
- Improved Detection of Dos Attacks Using Intelligent Computation Techniques
Authors
Source
National Journal of System and Information Technology, Vol 3, No 2 (2010), Pagination: 127-138
Abstract
IDSs play a principal role in proactively detecting intrusions into enterprise-level computer networks; therefore the accuracy with which they perform this vital function is of paramount importance. Many studies have previously been conducted to improve the proper classification of detections using neural networks and machine learning algorithms. We compare the performance of various intelligent computation techniques, namely Bayesian networks, Naive Bayesian, Logistic regression, RBF networks, Multi-Layer perceptron, SVMs with the SMO model, Kth nearest neighbour and Random forest, in detecting DoS attack patterns. The data used to train and validate these techniques was obtained from the MIT Lincoln Lab study into IDSs. The results obtained provide a clear comparison of the individual intelligent computation techniques' ability to identify and classify attack patterns.
Keywords
Networks, Intrusion Detection, Denial of Service, Datasets, Data Mining, Bayesian Networks, Naive Bayesian, Logistic Regression, RBF Networks, Multi-layer Perceptron, Support Vector Machines, Sequential Minimal Optimization, Kth Nearest Neighbor, Random Forest
- Misuse and Anomaly-Based Network Intrusion Detection System Using Fuzzy and Genetic Classification Algorithms
Authors
Affiliations
1 Sathyabama University, Chennai, IN
2 Department of CSE, R.M.K Engineering College, Chennai, IN
3 Department of EIE, R.M.K Engineering College, Chennai, IN
Source
Fuzzy Systems, Vol 4, No 4 (2012), Pagination: 137-141
Abstract
Intrusion Detection System (IDS) is a topic that has recently attracted much interest in the computer security community. The main function of an IDS is distinguishing and predicting normal or abnormal behaviors. The problem of intrusion detection has been studied and has received a lot of attention in the machine learning and data mining literature. The existing techniques are not effective in improving the classification accuracy and reducing the high false alarm rate. Therefore, it is necessary to propose a new technique for IDS. In this paper, we propose a new Fuzzy C-Means clustering method and Genetic Algorithm for identifying intrusions and classifying both anomaly and misuse. The experiments on the proposed IDS are performed with the KDD cup'99 data set. The experiments clearly show that the proposed method provides better classification accuracy than the existing method.
Keywords
Intrusion Detection, Genetic Algorithm, Fuzzy Clustering Algorithm.
- A Computational Intelligence for Performance Evaluation of Honeypots
Authors
Affiliations
1 Sathyabama University, Chennai, IN
2 R.M.K Engineering College, Chennai, IN
Source
Artificial Intelligent Systems and Machine Learning, Vol 3, No 4 (2011), Pagination: 227-233
Abstract
Internet security deals with the methods and tools used for protecting information transactions in various business, government and academic organizations. A honeypot is an information gathering and learning tool. It is used to collect information about intruders, their attack patterns, the reasons for their attacks and the tools they use. This information helps a lot in learning about the motives, proceedings and technical abilities of the intruders. This paper focuses on the detection of virtual environments and low-interaction honeypots by using a feature set that is built using traditional system-level and network-level fingerprinting mechanisms. Earlier work in the area has been mostly based on system-level detection. The results aim at bringing out the limitations in current honeypot technology.
In our experiments for system-level detection we use the magic number technique, the virtual register sets technique and the interrupt descriptor table (IDT) technique. In the magic number technique our program takes the magic number, port number and command to execute as inputs, and outputs whether the machine is VMware, VPC or a host machine. In the IDT technique our program uses SIDT to trace the fingerprints of the virtual machine and determine whether it is VMware or VPC. In the detection of Sebek we look for the fingerprints present in memory and hijack the system call that is used by Sebek. This paper also describes the results concerning the robustness and generalization capabilities of kernel methods in detecting honeypots using system and network fingerprinting data. We use traditional support vector machines. We also evaluate the impact of kernel type and parameter values on the accuracy of a support vector machine performing honeypot classification. In our experiments it is found that SVM performs the best for data sent on the same network.