Features Selection for Intrusion Detection System Based on DNA Encoding

Author(s): Omar Fitian Rashid, Zulaiha Ali Othman, Suhaila Zainudin

2018, Vol 3 (2), pp. 93
Author(s): Gervais Hatungimana

An anomaly-based Intrusion Detection System (IDS) uses a known baseline to detect patterns that deviate from normal behavior. If the baseline is faulty, IDS performance degrades. Most IDS research that uses k-centroids-based clustering methods such as K-means, K-medoids, Fuzzy, Hierarchical and agglomerative algorithms to baseline network traffic suffers from a high false positive rate compared to signature-based IDS, simply because these algorithms risk forcing some network traffic into the wrong profiles depending on the number of clusters K that is required. In this paper we propose an alternative method which, instead of defining the number of clusters K, defines a distance threshold t. An unrecognizable IDS, that is, an IDS which is neither HIDS nor NIDS, is the consequence of using statistical methods for features selection. The speed, memory and accuracy of an IDS are affected by an inappropriate features reduction method or by ignoring irrelevant features. In this paper we use two-step features selection and Quality Threshold with Optimization methods to design anomaly-based HIDS and NIDS separately. The performance of our system is a false positive rate of 0%, accuracy of 99.9974%, precision of 1 and recall of 1 for NIDS, and a false positive rate of 0%, accuracy of 99.61%, precision of 0.991 and recall of 0.978 for HIDS.


An Intrusion Detection System (IDS) is among the most important components of computer network security. IDSs are designed to recognize intrusion attempts in incoming network traffic intelligently. An IDS deals with a large volume of data containing irrelevant and outmoded features, which delay both the training and the testing procedures. Therefore, to minimize false alarms and computational complexity, a features selection technique for intrusion detection has been implemented. In this paper, PCA (Principal Component Analysis) and a Fuzzy Inference System (FIS) have been used on the KDD99 dataset to develop the FC-NIDS model. PCA is used to select the attacked features to minimize the computational work, while FIS is used to develop a fuzzy inference system for accuracy in prediction using MATLAB. The results of the experiment are tested on UCI data sets as a standard benchmark. The model has been found efficient for true prediction of intrusion as well as for reducing the false alarm rate. The proposed fuzzy logic controller IDS (FC-NIDS) is adequate to deal with signature-based and anomaly-based attacks to obtain enhanced intrusion detection, decrease false alarms and optimize complexity.


2020, pp. 3408-3416
Author(s): Omar Fitian Rashid

Recent research showed that DNA encoding and pattern matching can be used for intrusion detection systems (IDS), with a high rate of attack detection. The evaluation of these intrusion detection systems is based on datasets that were generated decades ago. However, numerous studies have pointed out that these datasets neither inclusively reflect network traffic nor modern low-footprint attacks, and do not cover the current network threat environment. In this paper, a new DNA encoding for misuse IDS based on the UNSW-NB15 dataset is proposed. The proposed system is built by constructing a DNA encoding for all values of the 49 attributes. Then attack keys (based on attack signatures) are extracted and, finally, the Raita algorithm is applied to classify records as either attacks or normal, based on the extracted keys. The results of the current experiment showed that the proposed system achieved good detection rates for all attacks, which included the Analysis, Backdoor, DoS, Exploits, Fuzzers, Generic, Reconnaissance, Shellcode, and Worms, with values of 82.56%, 92.68%, 75.59%, 75.42%, 67%, 99.28%, 81.02%, 73.6%, 85%, and 90.91%, respectively. The values of false alarm rate and accuracy were equal to 24% and 89.05%, respectively. Also, the execution time for the proposed system was found to be short, where the values of the encoding time and matching time for one record were 0.45 and 0.002 seconds, respectively.


2018, Vol 7 (4.19), pp. 1011
Author(s): Mr. Prakash N Kalavadekar, Dr. Shirish S. Sane

Conventional methods of intrusion prevention, like firewalls, cryptography techniques or access management schemes, have not provided complete protection to computer systems and networks from refined malware and attacks. Intrusion Detection Systems (IDS) offer a solution to these issues and have become an important part of any security management system, detecting these threats so that they do not cause widespread harm. The basic goal of an IDS is to detect attacks that may harm the computer system, and their nature. Several different approaches for intrusion detection have been reported in the literature. This paper proposes a signature-based concept that uses a genetic algorithm for features selection and J48 as the classifier to detect attacks. The system was evaluated on the KDD Cup 99, NSL-KDD and Kyoto 2006+ datasets.

