
Snort-Based Smart and Swift Intrusion Detection System


Affiliations
1 Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia
 

Objectives: This paper proposes a smart Intrusion Detection System (IDS) that monitors incoming traffic and detects network attacks in less time, thus maintaining better performance.

Methods/Statistical Analysis: The features are extracted using the back-propagation algorithm. Only these relevant features are then used to train a multi-layer perceptron supervised neural network. The simulation is performed using MATLAB.

Findings: The proposed system has been verified to have a high accuracy rate, high sensitivity and a reduced false positive rate. In addition, intrusions are classified into four categories: Denial-of-Service (DoS), User-to-Root (U2R), Remote-to-Local (R2L) and Probe attacks; the alerts are stored and shared via a central log. Thus, unknown attacks detected by other Intrusion Detection Systems can be sensed by any IDS in the network, reducing computational cost and enhancing the overall detection rate.

Applications/Improvements: The proposed system does not spend time considering and analysing all the features; it takes into consideration only the ones relevant to the specific attack, and a supervised learning neural network is used for intrusion detection. Because Snort is applied before the back-propagation algorithm, the latter has only one function to perform: detection of unknown attacks. In this way, the time for attack detection is reduced.

Keywords

Back-Propagation, Intrusion Detection System, Multi-Layer Feed-Forward Neural Network, Snort

Authors

Rashidah Funke Olanrewaju
Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia
Burhan Ul Islam Khan
Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia
Athaur Rahman Najeeb
Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia
Ku Nor Afiza Ku Zahir
Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia
Sabahat Hussain
Department of Electrical and Computer Engineering, Kulliyyah of Engineering, International Islamic University Malaysia, Jalan Gombak, 53100 Kuala Lumpur, Selangor, Malaysia




DOI: https://doi.org/10.17485/ijst%2F2018%2Fv11i4%2F169733