Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
MTZ-Fachkongress

Antriebe und Energiesysteme von morgen


Austausch von Automobil- und Energiewirtschaft

Am 14./15. Mai geht es in Chemnitz um die Mobilitätswende durch Elektro- und Wasserstofffahrzeuge.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Recent Advances in Computational Intelligence in Defense and Security Kapitel lesen Erstes Kapitel lesen

2016 | OriginalPaper | Buchkapitel

A Granular Intrusion Detection System Using Rough Cognitive Networks

verfasst von : Gonzalo Nápoles, Isel Grau, Rafael Falcon, Rafael Bello, Koen Vanhoof

Erschienen in: Recent Advances in Computational Intelligence in Defense and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Security in computer networks is an active research field since traditional approaches (e.g., access control, encryption, firewalls, etc.) are unable to completely protect networks from attacks and malwares. That is why Intrusion Detection Systems (IDS) have become an essential component of security infrastructure to detect these threats before they inflict widespread damage. Concisely, network intrusion detection is essentially a pattern recognition problem in which network traffic patterns are classified as either normal or abnormal. Several Computational Intelligence (CI) methods have been proposed to solve this challenging problem, including fuzzy sets, swarm intelligence, artificial neural networks and evolutionary computation. Despite the relative success of such methods, the complexity of the classification task associated with intrusion detection demands more effective models. On the other hand, there are scenarios where identifying abnormal patterns could be a challenge as the collected data is still permeated with uncertainty. In this chapter, we tackle the network intrusion detection problem from a classification angle by using a recently proposed granular model named Rough Cognitive Networks (RCN). An RCN is a fuzzy cognitive map that leans upon rough set theory to define its topological constructs. An optimization-based learning mechanism for RCNs is also introduced. The empirical evidence indicates that the RCN is a suitable approach for detecting abnormal traffic patterns in computer networks.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel An Improved Decision System for URL Accesses Based on a Rough Feature Selection Technique
Nächstes Kapitel NNCS: Randomization and Informed Search for Novel Naval Cyber Strategies
Literatur
1.
Abraham, A., Falcon, R., Bello, R.: Rough Set Theory: A True Landmark in Data Analysis. Springer, Heidelberg (2009)CrossRefMATH
2.
Adetunmbi, A.O., Falaki, S.O., Adewale, O.S., Alese, B.K.: Network intrusion detection based on rough set and k-nearest neighbour. I. J. Comput. ICT Res. 2(1), 60–66 (2008)
3.
Aldous, D.: The continuum random tree. I. Ann. Prob. 1–28 (1991)
4.
Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)CrossRefMATH
5.
Balajinath, B., Raghavan, S.: Intrusion detection through learning behavior model. Comput. Commun. 24(12), 1202–1212 (2001)CrossRef
6.
Bello, R., Falcon, R., Pedrycz, W., Kacprzyk, J.: Granular Computing: At The Junction of Rough Sets and Fuzzy Sets. Springer, Heidelberg (2008)CrossRefMATH
7.
8.
Bhuyan, M.H., Bhattacharyya, D., Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutorials 16(1), 303–336 (2014)CrossRef
9.
10.
Bueno, S., Salmeron, J.L.: Benchmarking main activation functions in fuzzy cognitive maps. Expert Syst. Appl. 36(3), 5221–5229 (2009)CrossRef
11.
Cannady, J.: Artificial neural networks for misuse detection. In: National Information Systems Security Conference, pp. 368–81 (1998)
12.
Chang, C.C., Lin, C.J.: Libsvm: a library for support vector machines. ACM Trans. Intell. Syst. Technol. (TIST) 2(3), 27 (2011)
13.
Chen, R.C., Cheng, K.F., Chen, Y.H., Hsieh, C.F.: Using rough set and support vector machine for network intrusion detection system. In: First Asian Conference on Intelligent Information and Database Systems, 2009. ACIIDS 2009, pp. 465–470. IEEE (2009)
14.
Chimphlee, W., Abdullah, A.H., Noor Md Sap, M., Srinoy, S., Chimphlee, S.: Anomaly-based intrusion detection using fuzzy rough clustering. In: International Conference on Hybrid Information Technology, 2006. ICHIT’06, vol. 1, pp. 329–334. IEEE (2006)
15.
Costa, K.A., Pereira, L.A., Nakamura, R.Y., Pereira, C.R., Papa, J.P., Falcão, A.X.: A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks. Inf. Sci. 294, 95–108 (2015)MathSciNetCrossRefMATH
16.
Dickerson, J.E., Dickerson, J.A.: Fuzzy network profiling for intrusion detection. In: 19th International Conference of the North American Fuzzy Information Processing Society, 2000. NAFIPS, pp. 301–306. IEEE (2000)
17.
Elkan, C.: Results of the KDD’99 classifier learning. ACM SIGKDD Explor. Newsl. 1(2), 63–64 (2000)CrossRef
18.
Faraoun, K., Boukelif, A.: Genetic programming approach for multi-category pattern classification applied to network intrusions detection. Int. J. Comput. Intell. Appl. 6(01), 77–99 (2006)CrossRef
19.
Feng, W., Zhang, Q., Hu, G., Huang, J.X.: Mining network data for intrusion detection through combining svms with ant colony networks. Future Gener. Comput. Syst. 37, 127–140 (2014)CrossRef
20.
Gao, H.H., Yang, H.H., Wang, X.Y.: Ant colony optimization based network intrusion feature selection and detection. In: Proceedings of 2005 International Conference on Machine Learning and Cybernetics, 2005, vol. 6, pp. 3871–3875. IEEE (2005)
21.
Geramiraz, F., Memaripour, A.S., Abbaspour, M.: Adaptive anomaly-based intrusion detection system using fuzzy controller. Int. J. Netw. Secur. 14(6), 352–361 (2012)
22.
Govindarajan, M.: Hybrid intrusion detection using ensemble of classification methods. Int. J. Comput. Netw. Inf. Secur. 2, 45–53 (2014)
23.
Guo, C., Zhou, Y., Ping, Y., Zhang, Z., Liu, G., Yang, Y.: A distance sum-based hybrid method for intrusion detection. Appl. Intell. 40(1), 178–188 (2014)CrossRef
24.
Hofmann, A., Schmitz, C., Sick, B.: Rule extraction from neural networks for intrusion detection in computer networks. In: IEEE International Conference on Systems, Man and Cybernetics, 2003, vol. 2, pp. 1259–1265. IEEE (2003)
25.
Hong, J., Baker, M.: Wearable computing. IEEE Pervasive Comput. 13(2), 7–9 (2014)CrossRef
26.
Jankowski, A., Skowron, A.: Toward perception based computing: A rough-granular perspective. In: Zhong, N., Liu, J., Yao, Y., Wu, J., Lu, S., Li, K. (eds.) Web Intelligence Meets Brain Informatics. Lecture Notes in Computer Science, vol. 4845, pp. 122–142. Springer, Heidelberg (2007)CrossRef
27.
Jazzar, M., Bin Jantan, A.: Using fuzzy cognitive maps to reduce false alerts in SOM-based intrusion detection sensors. In: Second Asia International Conference on Modeling Simulation, 2008. AICMS 08, pp. 1054–1060 (2008)
28.
John, G.H., Langley, P.: Estimating continuous distributions in Bayesian classifiers. In: Proceedings of the Eleventh conference on Uncertainty in artificial intelligence, pp. 338–345. Morgan Kaufmann Publishers Inc. (1995)
29.
Karami, A., Guerrero-Zapata, M.: A fuzzy anomaly detection system based on hybrid pso-kmeans algorithm in content-centric networks. Neurocomputing 149, 1253–1269 (2015)CrossRef
30.
31.
Khan, M.S.A.: Rule based network intrusion detection using genetic algorithm. Int. J. Comput. Appl. 18(8), 26–29 (2011)
32.
Kirkpatrick, K.: Software-defined networking. Commun. ACM 56(9), 16–19 (2013)CrossRef
33.
Kohavi, R.: Scaling up the accuracy of Naive-Bayes classifiers: a decision-tree hybrid. In: KDD, pp. 202–207 (1996)
34.
35.
Kosko, B.: Hidden patterns in combined and adaptive knowledge networks. Int. J. Approximate Reasoning 2(4), 377–393 (1988)CrossRefMATH
36.
37.
Krichene, J., Boudriga, N.: Incident response probabilistic cognitive maps. In: International Symposium on Parallel and Distributed Processing with Applications, 2008. ISPA ’08, pp. 689–694 (2008)
38.
Kuang, F., Xu, W., Zhang, S.: A novel hybrid KPCA and SVM with GA model for intrusion detection. Appl. Soft Comput. 18, 178–184 (2014)CrossRef
39.
Kuehn, A.: Extending Cybersecurity, Securing Private Internet Infrastructure: the US Einstein Program and its Implications for Internet Governance. Springer (2014)
40.
Labib, K., Vemuri, V.R.: NSOM: A tool to detect denial of service attacks using self-organizing maps. Department of Applied Science University of California, Davis, California, USA, Technical Report (2002)
41.
Li, L., Zhao, K.: A new intrusion detection system based on rough set theory and fuzzy support vector machine. In: 2011 3rd International Workshop on Intelligent Systems and Applications (ISA), pp. 1–5 (2011)
42.
Liang, D., Pedrycz, W., Liu, D., Hu, P.: Three-way decisions based on decision-theoretic rough sets under linguistic assessment with the aid of group decision making. Appl. Soft Comput. 29, 256–269 (2015)CrossRef
43.
Liu, G.G.: Intrusion detection systems. In: Applied Mechanics and Materials, vol. 596, pp. 852–855. Trans Tech Publications (2014)
44.
Loganathan, G.: A new heuristic optimization algorithm: harmony search. Simulation 76(2), 60–68 (2001)CrossRef
45.
Manikopoulos, C., Papavassiliou, S.: Network intrusion and fault detection: a statistical anomaly approach. IEE Commun. Mag. 40(10), 76–82 (2002)CrossRef
46.
McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)CrossRef
47.
Mell, P., Grance, T.: The NIST definition of cloud computing (2011)
48.
Nápoles, G., Grau, I., Vanhoof, K., Bello, R.: Hybrid model based on rough sets theory and fuzzy cognitive maps for decision-making. In: Kryszkiewicz, M., Cornelis, C., Ciucci, D., Medina-Moreno, J., Motoda, H., Ras, Z. (eds.) RSEISP 2014 (2014)
49.
50.
Pedrycz, W., Al-Hmouz, R., Morfeq, A., Balamash, A.S.: Building granular fuzzy decision support systems. Knowl.-Based Syst. 58, 3–10 (2014)CrossRef
51.
Pedrycz, W., Al-Hmouz, R., Morfeq, A., Balamash, A.S.: Distributed proximity-based granular clustering: towards a development of global structural relationships in data. Soft Comput. 1–17 (2014)
52.
Pedrycz, W., Skowron, A., Kreinovich, V.: Handbook of Granular Computing. Wiley (2008)
53.
Poongothai, T., Duraiswamy, K.: Effective cross layer intrusion detection in mobile ad hoc networks using rough set theory and support vector machines. Asian J. Inf. Technol. 12(8), 242–249 (2013)
54.
Quinlan, J.R.: C4.5: Programs for Machine Learning (2014)
55.
Roh, S.B., Pedrycz, W., Ahn, T.C.: A design of granular fuzzy classifier. Expert Syst. Appl. 41(15), 6786–6795 (2014)CrossRef
56.
Ruck, D.W., Rogers, S.K., Kabrisky, M., Oxley, M.E., Suter, B.W.: The multilayer perceptron as an approximation to a Bayes optimal discriminant function. IEEE Trans. Neural Netw. 1(4), 296–298 (1990)CrossRef
57.
Shafi, K., Abbass, H.A.: Biologically-inspired complex adaptive systems approaches to network intrusion detection. Inf. Secur. Tech. Rep. 12(4), 209–217 (2007)CrossRef
58.
Shafi, K., Abbass, H.A.: An adaptive genetic-based signature learning system for intrusion detection. Expert Syst. Appl. 36(10), 12036–12043 (2009)CrossRef
59.
Shafi, K., Kovacs, T., Abbass, H.A., Zhu, W.: Intrusion detection with evolutionary learning classifier systems. Nat. Comput. 8(1), 3–27 (2009)MathSciNetCrossRefMATH
60.
Shrivastava, S.K., Jain, P.: Effective anomaly based intrusion detection using rough set theory and support vector machine. Int. J. Comput. Appl. 18(3), 35–41 (2011)
61.
Simmross-Wattenberg, F., Asensio-Pérez, J.I., Casaseca-de-la H.P., Martin-Fernandez, M., Dimitriadis, I.A., Alberola-Lopez, C.: Anomaly detection in network traffic based on statistical inference and alpha-stable modeling. IEEE Trans. Dependable Secure Comput. 8(4), 494–509 (2011)
62.
Siraj, A., Vaughn, R.: Multi-level alert clustering for intrusion detection sensor data. In: Annual Meeting of the North American Fuzzy Information Processing Society, 2005. NAFIPS 2005, pp. 748–753 (2005)
63.
Siraj, A., Bridges, S.M., Vaughn, R.B.: Fuzzy cognitive maps for decision support in an intelligent intrusion detection system. In: Joint 9th IFSA World Congress and 20th NAFIPS International Conference, 2001, vol. 4, pp. 2165–2170. IEEE (2001)
64.
Siraj, A., Vaughn, R.B., Bridges, S.M.: Intrusion sensor data fusion in an intelligent intrusion detection system architecture. In: Proceedings of the 37th Annual Hawaii International Conference on System Sciences, 2004, pp. 1–10. IEEE (2004)
65.
Sivaranjanadevi, P., Geetanjali, M., Balaganesh, S., Poongothai, T.: An effective intrusion system for mobile ad hoc networks using rough set theory and support vector machine. IJCA Proc. E Governance Cloud Comput. Serv. 2, 1–7 (2012)
66.
Song, X., Wu, M., Jermaine, C., Ranka, S.: Conditional anomaly detection. IEEE Trans. Knowl. Data Eng. 19(5), 631–645 (2007)CrossRef
67.
Sun, J., Yang, H., Tian, J., Wu, F.: Intrusion detection method based on wavelet neural network. In: Second International Workshop on Knowledge Discovery and Data Mining, 2009. WKDD 2009, pp. 851–854. IEEE (2009)
68.
Tajbakhsh, A., Rahmati, M., Mirzaei, A.: Intrusion detection using fuzzy association rules. Appl. Soft Comput. 9(2), 462–469 (2009)CrossRef
69.
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009 (2009)
70.
Visconti, A., Tahayori, H.: Artificial immune system based on interval type-2 fuzzy set paradigm. Appl. Soft Comput. 11(6), 4055–4063 (2011)CrossRef
71.
Wang, C.M., Huang, Y.F.: Self-adaptive harmony search algorithm for optimization. Expert Syst. Appl. 37(4), 2826–2837 (2010)CrossRef
72.
Wang, W., Pedrycz, W., Liu, X.: Time series long-term forecasting model based on information granules and fuzzy clustering. Eng. Appl. Artif. Intell. 41, 17–24 (2015)CrossRef
73.
Wu, S.X., Banzhaf, W.: The use of computational intelligence in intrusion detection systems: a review. Appl. Soft Comput. 10(1), 1–35 (2010)CrossRef
74.
Xin, J., Dickerson, J., Dickerson, J.A.: Fuzzy feature extraction and visualization for intrusion detection. In: The 12th IEEE International Conference on Fuzzy Systems, 2003. FUZZ’03, vol. 2, pp. 1249–1254. IEEE (2003)
75.
Yang, H., Li, T., Hu, X., Wang, F., Zou, Y.: A survey of artificial immune system based intrusion detection. Sci. World J. 2014 (2014)
76.
Yao, Y.: Three-way decision: An interpretation of rules in rough set theory. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 5589 LNAI, 642–649 (2009)
77.
78.
Yong, H., Feng, Z.X.: Expert system based intrusion detection system. In: 2010 International Conference on Information Management, Innovation Management and Industrial Engineering (ICIII), vol. 4, pp. 404–407. IEEE (2010)
79.
Yu, M.: A nonparametric adaptive cusum method and its application in network anomaly detection. Int. J. Advancements Comput. Technol. 4(1), 280–288 (2012)CrossRef
80.
Zaghdoud, M., Al-Kahtani, M.S.: Contextual fuzzy cognitive map for intrusion response system. Int. J. Comput. Inf. Technol. 2(3), 471–478 (2013)
81.
Zhang, C., Jiang, J., Kamel, M.: Comparison of BPL and RBF network in intrusion detection system. In: Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing, pp. 466–470. Springer (2003)
82.
Zhang, L., Bai, Z., Luo, S., Cui, G., Li, X.: A dynamic artificial immune-based intrusion detection method using rough and fuzzy set. In: 2013 International Conference on Information and Network Security (ICINS 2013), pp. 1–7 (2013)
83.
Zhong, C., Yang, F., Zhang, L., Li, Z.: An efficient distributed coordinated intrusion detection algorithm. In: 2005 International Conference on Machine Learning and Cybernetics, pp. 2679–2685 (2006)
Metadaten
Titel
A Granular Intrusion Detection System Using Rough Cognitive Networks
verfasst von
Gonzalo Nápoles
Isel Grau
Rafael Falcon
Rafael Bello
Koen Vanhoof
Copyright-Jahr
2016
Buch
Recent Advances in Computational Intelligence in Defense and Security

Print ISBN: 978-3-319-26448-6

Electronic ISBN: 978-3-319-26450-9

Copyright-Jahr: 2016

DOI
https://doi.org/10.1007/978-3-319-26450-9_7

Premium Partner

    Bildnachweise