Published in: Soft Computing 10/2017

07.12.2015 | Methodologies and Application

A study on intrusion detection using neural networks trained with evolutionary algorithms

Written by: Tirtharaj Dash


Abstract

Intrusion detection plays a crucial role in making a computer network secure for any transaction. An intrusion detection system (IDS) detects various types of malicious network traffic and computer usage, which sometimes may not be detected by a conventional firewall. Recently, many IDSs have been developed based on machine learning techniques. Specifically, advanced detection approaches created by combining or integrating evolutionary algorithms and neural networks have shown better detection performance than general machine learning approaches. The present study reports two new hybrid intrusion detection methods: one is based on gravitational search (GS), and the other is a combination of GS and particle swarm optimization (GSPSO). These two techniques have been successfully implemented to train an artificial neural network (ANN), and the resulting models, GS-ANN and GSPSO-ANN, are successfully applied to the intrusion detection process. The applicability of the proposed approaches is also compared with other conventional methods such as decision tree, ANN based on gradient descent (GD-ANN), ANN based on genetic algorithm (GA-ANN) and ANN based on PSO (PSO-ANN) by testing with the NSL-KDD dataset. Moreover, the results obtained by GS-ANN and GSPSO-ANN are found to be statistically significant, based on the popular Wilcoxon's rank sum test, as compared to other conventional techniques. The test results show that the proposed GS-ANN and GSPSO-ANN could achieve a maximum detection accuracy of 94.9 and 98.13 %, respectively. The proposed models (GS-ANN and GSPSO-ANN) could also achieve good performance when tested with highly imbalanced datasets.

Metadata
Title
A study on intrusion detection using neural networks trained with evolutionary algorithms
Written by
Tirtharaj Dash
Publication date
07.12.2015
Publisher
Springer Berlin Heidelberg
Published in
Soft Computing / Issue 10/2017
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI
https://doi.org/10.1007/s00500-015-1967-z