
Detecting a Denial of Service Using Artificial Intelligent Tools, Genetic Algorithm


Affiliations
1 Computer Science Department, Baghdad University, India
2 Centre for Development of Advanced Computer CDAC, Pune University, India
 

This paper describes novel work on using a genetic algorithm to detect misuse of programs. A brief overview of intrusion detection systems, genetic algorithms and related detection techniques is presented. Developing rules manually by incorporating attack signatures is meaningful but weak, as it is difficult to define thresholds. This paper proposes learning intrusion detection rules with genetic algorithms. The experimental results are demonstrated on the KDD Cup 99 and UoP intrusion detection data set (in the DARPA evaluations). In our experiments, the characteristics of attacks such as Smurf and Apache2 (denial-of-service attacks) are summarized through the KDD 99 data set, and the effectiveness and robustness of the approach are discussed.

Keywords

Attack Signatures, Intrusion Detection, Genetic Algorithm, KDD Cup Set, Rule Set, the 1999 DARPA Evaluation


Authors

Maath. K. Al-anni
Computer Science Department, Baghdad University, India
V. Sundarajan
Centre for Development of Advanced Computer CDAC, Pune University, India






DOI: https://doi.org/10.17485/ijst%2F2009%2Fv2i2%2F29386