Foundations of intrusion detection (computer security)

2003 ◽  
Author(s):  
P. Helman ◽  
G. Liepins ◽  
W. Richards
Keyword(s):  
Intrusion Detection ◽  
Computer Security

DECISION MAKING FOR NETWORK HEALTH ASSESSMENT IN AN INTELLIGENT INTRUSION DETECTION SYSTEM ARCHITECTURE

2004 ◽  
Vol 03 (02) ◽  
pp. 281-306 ◽  
Author(s):  
AMBAREEN SIRAJ ◽  
RAYFORD B. VAUGHN ◽  
SUSAN M. BRIDGES
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Health Assessment ◽  
Fuzzy Rule ◽  
Fuzzy Cognitive Maps ◽  
Causal Knowledge ◽  
Knowledge Reasoning ◽  
Decision Engine

This paper describes the use of artificial intelligence techniques in the creation of a network-based decision engine for decision support in an Intelligent Intrusion Detection System (IIDS). In order to assess overall network health, the decision engine fuses outputs from different intrusion detection sensors serving as "experts" and then analyzes the integrated information to present an overall security view of the system for the security administrator. This paper reports on the workings of a decision engine that has been successfully embedded into the IIDS architecture being built at the Center for Computer Security Research, Mississippi State University. The decision engine uses Fuzzy Cognitive Maps (FCM)s and fuzzy rule-bases for causal knowledge acquisition and to support the causal knowledge reasoning process.

Visualization Technique for Intrusion Detection

2018 ◽  
pp. 276-290
Author(s):  
Mohamed Cheikh ◽  
Salima Hacini ◽  
Zizette Boufaida
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Detection System ◽  
Denial Of Service ◽  
High Rate ◽  
False Alarms ◽  
Dos Attacks ◽  
Network Parameter ◽  
A New Technique ◽  
Parameter Values

Intrusion detection system (IDS) plays a vital and crucial role in a computer security. However, they suffer from a number of problems such as low detection of DoS (denial-of-service)/DDoS (distributed denial-of-service) attacks with a high rate of false alarms. In this chapter, a new technique for detecting DoS attacks is proposed; it detects DOS attacks using a set of classifiers and visualizes them in real time. This technique is based on the collection of network parameter values (data packets), which are automatically represented by simple geometric graphs in order to highlight relevant elements. Two implementations for this technique are performed. The first is based on the Euclidian distance while the second is based on KNN algorithm. The effectiveness of the proposed technique has been proven through a simulation of network traffic drawn from the 10% KDD and a comparison with other classification techniques for intrusion detection.

Intrusion Prevention System Inspired Immune Systems

2016 ◽  
Vol 2 (1) ◽  
pp. 168 ◽  
Author(s):  
Yousef Farhaoui
Keyword(s):  
Immune System ◽  
Intrusion Detection ◽  
Computer Security ◽  
Information Technologies ◽  
Safety Level ◽  
Correct Operation ◽  
Intrusion Prevention ◽  
Immune Systems ◽  
Natural Function ◽  
Intrusion Prevention System

<p>In view of new communication and information technologies that appeared with the emergence of networks and Internet, the computer security became a major challenge, and works in this research axis are increasingly numerous. Various tools and mechanisms are developed in order to guarantee a safety level up to the requirements of modern life. Among them, intrusion detection and prevention systems (IDPS) intended to locate activities or abnormal behaviors suspect to be detrimental to the correct operation of the system. The purpose of this work is the design and the realization of an IDPS inspired from natural immune systems. The study of biological systems to get inspired from them for the resolution of computer science problems is an axis of the artificial intelligence field which gave rise to robust and effective methods by their natural function, the immune systems aroused the interest of researchers in the intrusion detection field, taking into account the similarities of NIS (Natural Immune System) and IDPS objectives. Within the framework of this work, we conceived an IDPS inspired from natural immune system and implemented by using a directed approach. A platform was developed and tests were carried out in order to assess our system performances.</p>

Intrusion Detection Technique Based on Improved Intuitionistic Fuzzy Neural Networks

2015 ◽  
Vol 713-715 ◽  
pp. 2507-2510
Author(s):  
Yang Lei ◽  
Jing Ma
Keyword(s):  
Neural Networks ◽  
Intrusion Detection ◽  
Computer Security ◽  
Detection Method ◽  
Fuzzy Neural Networks ◽  
Detection Methods ◽  
Detection Rates ◽  
Intuitionistic Fuzzy ◽  
Sufficient Stability ◽  
Fuzzy Neural

At present, the issue of intrusion detection has been a hot point to all over the computer security area. In this paper, a novel intrusion detection method has been proposed. Unlike the current existent detection methods, this paper combines the theories of both intuitionistic fuzzy sets (IFS) and artificial neural networks (ANN) together, which leads to much fewer iteration numbers, higher detection rates and sufficient stability. Experimental results show that the now method proposed in this paper is promising and has obvious superiorities over other current typical ones.

Intrusion Detection Based on Self-Organizing Map and Artificial Immunisation Algorithm

2010 ◽  
Vol 439-440 ◽  
pp. 29-34 ◽  
Author(s):  
Zhen Guo Chen ◽  
Guang Hua Zhang ◽  
Li Qin Tian ◽  
Zi Lin Geng
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Real World ◽  
User Behavior ◽  
Experimental Result ◽  
System Call ◽  
Self Organizing Map ◽  
System Calls ◽  
Real World Datasets ◽  
Self Organizing

The rate of false positives which caused by the variability of environment and user behavior limits the applications of intrusion detecting system in real world. Intrusion detection is an important technique in the defense-in-depth network security framework and a hot topic in computer security in recent years. To solve the intrusion detection question, we introduce the self-organizing map and artificial immunisation algorithm into intrusion detection. In this paper, we give an method of rule extraction based on self-organizing map and artificial immunisation algorithm and used in intrusion detection. After illustrating our model with a representative dataset and applying it to the real-world datasets MIT lpr system calls. The experimental result shown that We propose an idea of learning different representations for system call arguments. Results indicate that this information can be effectively used for detecting more attacks with reasonable space and time overhead. So our experiment is feasible and effective that using in intrusion detection.

scholarly journals Deep Learning Approaches for Intrusion Detection

2021 ◽  
pp. 50-64
Author(s):  
Azar Abid Salih ◽  
Siddeeq Y. Ameen ◽  
Subhi R. M. Zeebaree ◽  
Mohammed A. M. Sadeeq ◽  
Shakir Fattah Kak ◽  
...  
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Feature Learning ◽  
Detailed Comparison ◽  
Learning Approaches ◽  
Network Intrusion ◽  
Research Problems

Recently, computer networks faced a big challenge, which is that various malicious attacks are growing daily. Intrusion detection is one of the leading research problems in network and computer security. This paper investigates and presents Deep Learning (DL) techniques for improving the Intrusion Detection System (IDS). Moreover, it provides a detailed comparison with evaluating performance, deep learning algorithms for detecting attacks, feature learning, and datasets used to identify the advantages of employing in enhancing network intrusion detection.

scholarly journals Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms

2019 ◽  
Vol 1 (3) ◽  
pp. 49-55 ◽  
Author(s):  
Amer A. Abdulrahman ◽  
Mahmood K. Ibrahem
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
System Architecture ◽  
Intrusion Detection System ◽  
Network Flows ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Strategic Decision ◽  
Classification Algorithms ◽  
Ddos Attack

Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is openly accessible. It evaluates the performance of a complete arrangement of machine learning algorithms and network traffic features to indicate the best features for detecting the assured attack classes. Our goal is storing the address of destination IP that is utilized to detect an intruder by method of misuse detection.

Sign in / Sign up

Export Citation Format

Share Document