Feature Selection Strategy for Network Intrusion Detection System (NIDS) Using Meerkat Clan Algorithm

Author(s):  
Atheer R. Muhsen ◽  
Ghazwh G. Jumaa ◽  
Nadia F. AL Bakri ◽  
Ahmed T. Sadiq

The task of network security is to keep services available at all times by dealing with hacker attacks. One of the mechanisms obtainable is the Intrusion Detection System (IDS), which is used to sense and classify any abnormal actions. Therefore, the IDS system should always be up-to-date with the latest hacker attack signatures to keep services confidential, safe, and available. IDS speed is a very important issue in addition to learning new attacks. A modified selection strategy based on features was proposed in this paper; one of the important swarm intelligent algorithms is the Meerkat Clan Algorithm (MCA). Meerkat Clan Algorithm has good diversity solutions through its neighboring generation conduct and it was used to solve several problems. The proposed strategy benefitted from mutual information to increase the performance and decrease the consumed time. Two datasets (NSL-KDD & UNSW-NB15) for Network Intrusion Detection Systems (NIDS) have been used to verify the performance of the proposed algorithm. The experimental findings indicate that, compared to other approaches, the proposed algorithm produces good results in a minimum of time.

Sensors ◽  
2021 ◽  
Vol 21 (23) ◽  
pp. 7835
Author(s):  
Ketan Kotecha ◽  
Raghav Verma ◽  
Prahalad V. Rao ◽  
Priyanshu Prasad ◽  
Vipul Kumar Mishra ◽  
...  

A reasonably good network intrusion detection system generally requires a high detection rate and a low false alarm rate in order to predict anomalies more accurately. Older datasets cannot capture the schema of a set of modern attacks; therefore, modelling based on these datasets lacked sufficient generalizability. This paper operates on the UNSW-NB15 Dataset, which is currently one of the best representatives of modern attacks and suggests various models. We discuss various models and conclude our discussion with the model that performs the best using various kinds of evaluation metrics. Alongside modelling, a comprehensive data analysis on the features of the dataset itself using our understanding of correlation, variance, and similar factors for a wider picture is done for better modelling. Furthermore, hypothetical ponderings are discussed for potential network intrusion detection systems, including suggestions on prospective modelling and dataset generation as well.


Author(s):  
Manohar Naik S ◽  
Geethanjali N

Security has become a critical issue in today's highly distributed and networked systems. Network intrusion detection systems (NIDSs), especially signature-based NIDSs, are being widely deployed in a distributed network environment with the purpose of defending against a variety of network attacks. Most of the commercially available NIDSs are software based and rely on pattern matching to extract the threat from network traffic. The increase in network speed and traffic may cause existing algorithms to become a performance bottleneck. Therefore it is very necessary to develop a faster and more efficient pattern matching algorithm in order to overcome the troubles on performance of NIDSs. Therefore, we propose a multi fusion pattern matching algorithm for Network Intrusion Detection Systems. The results obtained in percentages from the proposed fusion algorithm gave better values in terms of processing time in milliseconds than the existing algorithms when English text data are applied to evaluate the fusion performances.


Author(s):  
Theodor Richardson

Network Intrusion Detection Systems (NIDS) are designed to differentiate malicious traffic from normal traffic on a network system to detect the presence of an attack. Traditionally, the approach around which these systems are designed is based upon an assumption made by Dorothy Denning in 1987, stating that malicious traffic should be statistically differentiable from normal traffic. However, this statement was made regarding host systems and was not meant to be extended without adjustment to network systems. It is therefore necessary to change the granularity of this approach to find statistical anomalies per host as well as on the network as a whole. This approach lends itself well to the use of emergent monitoring agents per host that have a central aggregation point with a visualization of the network as a whole. This chapter will discuss the structure, training, and deployment of such an agent-based intrusion detection system and analyze its viability in comparison to the more traditional anomaly-based approach to intrusion detection.

