ETRI Journal

  • 제37권3호
  • /
  • Pages.502-511
  • /
  • 2015
  • /
  • 1225-6463(pISSN)
  • /
  • 2233-7326(eISSN)
한국전자통신연구원 (Electronics and Telecommunications Research Institute)
권호 표지
DOI QR코드

DOI QR Code

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

  • 투고 : 2014.03.04
  • 심사 : 2015.02.03
  • 발행 : 2015.05.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.

키워드

참고문헌

  1. S. Axelsson, "Intrusion Detection Systems: A Survey and Taxonomy," Department of Computer Engineering, Chalmers University, 2000, Report no. 99-15.
  2. A. Lazarevic et al., "A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection," Proc. SIAM Conf. Data Mining, University of Minnesota, Minneapolis, MN, USA, 2003.
  3. S.-J. Han and S.-B. Cho, "Evolutionary Neural Networks for Anomaly Detection Based on the Behavior of a Program," IEEE Trans. Syst., Man, Cybern. Part B, vol. 36, no. 3, June 2005, pp. 559-570.
  4. W. Lu and I. Traore, "Detecting New Forms of Network Intrusion Using Genetic Programming," Comput. Intell., vol. 20, no. 3, Aug. 2004, pp. 475-494. https://doi.org/10.1111/j.0824-7935.2004.00247.x
  5. L.A. Zadeh, "Role of Soft Computing and Fuzzy Logic in the Conception, Design and Development of Information/Intelligent Systems," in Comput. Intell.: Soft Comput. Fuzzy-Neuro Integr. Appl., Berlin, Germany: Springer Berlin, Heidelberg, 1998, pp. 1-9.
  6. A. Abraham and R. Jain, "Soft Computing Models for Network Intrusion Detection Systems," Classification Clustering Konowl. Discovery, Berlin, Germany: Springer Berlin Heidelberg, vol. 16, 2005, pp. 191-207.
  7. J. Gomez and D. Dasgupta, "Evolving Fuzzy Classifiers for Intrusion Detection," Proc. IEEE Workshop Inf. Assurance, United States Military Academy, West Point, NY, USA, 2001, pp. 68-75.
  8. Y. Li and L. Guo, "An Active Learning Based TCM-KNN Algorithm for Supervised Network Intrusion Detection," Comput. Security, vol. 26, no. 7, Dec. 2007, pp. 459-467. https://doi.org/10.1016/j.cose.2007.10.002
  9. H.A. Nguyen and D. Choi, "Application of Data Mining to Network Intrusion Detection: Classifier Selection Model," Proc. Asia-Pacific Symp. Netw. Operation Manag., vol. 5297, 2008, pp. 399-408.
  10. Z. Zhang et al., "HIDE: A Hierarchical Network IDS Using Statistical Preprocessing and Neural Network Classification," Proc. IEEE Workshop Int. Assurance Security, West Point, NY, USA, 2001, pp. 85-90.
  11. S.T. Powers and J. He, "A Hybrid Artificial Immune System and Self Organizing Map for Network Intrusion Detection," Inf. Sci., vol. 178, no. 15, Aug. 15, 2008, pp. 3024-3042. https://doi.org/10.1016/j.ins.2007.11.028
  12. J.R. Koza, Genetic Programming: On the Programming of Computing by Means of Natural Selection, Cambridge, MA, USA: MIT Press, 1992.
  13. K. Shafi and H.A. Abbass, "Biologically-Inspired Complex Adaptive Systems Approaches to Network Intrusion Detection," Inf. Security, Techn. Report, vol. 12, no. 4, 2007, pp. 209-217. https://doi.org/10.1016/j.istr.2007.09.001
  14. T. Sousa, A. Silva, and A. Neves, "Particle Swarm Based Data Mining Algorithms for Classification Tasks," Parallel Comput., vol. 30, no. 5-6, May-June 2004, pp. 767-783. https://doi.org/10.1016/j.parco.2003.12.015
  15. S. Revathi, Linkware Technologies Private Limited, Network Simulator Capture (NSC) Dataset. Accessed Dec. 18, 2013. https://www.linkware.in/
  16. Lincoln, Darpa Intrusion Detection Dataset. Accessed Jan. 11, 2011. http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html
  17. UCI KDD Archive, KDDCup99 Data, University of California. Accessed Oct. 28, 1999. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  18. M. Tavallaee et al., "A Detailed Analysis of the KDDCup99 Data Set," Proc. IEEE Symp. Comput. Intell. Security Defense Appl., July 8-10, 2009, pp. 1-6.
  19. NSL-KDD Data Set, Network-Based Idss. Accessed Mar. 2009. http://nsl.cs.unb.ca/KDD/NSLKDD.html
  20. A.N. Toosi and M. Kahani, "A New Approach to Intrusion Detection Based on an Evolutionary Soft Computing Model Using Neuro-Fuzzy Classifiers," Comput. Commun., vol. 30, no. 10, July 31, 2007, pp. 2201-2212. https://doi.org/10.1016/j.comcom.2007.05.002
  21. Y.Y. Chung and N. Wahid, "A Hybrid Network IDS Using Simplified Swarm Optimization (SSO)," Appl. Soft Comput., vol. 12, no. 9, Sept. 2012, pp. 3014-3022. https://doi.org/10.1016/j.asoc.2012.04.020
  22. S. Mabu et al., "An Intrusion-Detection Model Based on Fuzzy Class-Association-Rule Mining Using Genetic Network Programming," IEEE Trans. Syst., Man., Cybern., - Part C: Appl. Rev., vol. 41, no. 1, Jan. 2011, pp. 130-139. https://doi.org/10.1109/TSMCC.2010.2050685
  23. S. Zaman, M. El-Abed, and F. Karray, "Features Selection Approaches for IDSs Based on Evolution Algorithms," Int. Conf. Ubiquitous Inf. Manag. Commun., Kota Kinabalu, Malaysia, Jan. 17-19, 2013.
  24. M. Davarynejad, T. Akbarzadeh, and N. Pariz, "A Novel General Framework for Evolutionary Optimization: Adaptive Fuzzy Fitness Granulation," Proc. IEEE Int. Conf. Evolutionary Comput., Singapore, Sept. 25-28, 2007, pp. 951-956.
  25. A.J. Malik, W. Shahzad, and F.A. Khan, "Network Intrusion Detection Using Hybrid Binary PSO and Random Forests Algorithm," IEEE Congress Evolutionary Comput., New Orleans, LA, USA, June 2011, pp. 662-668.
  26. M. Al-Kasassbeh, "Network Intrusion Detection with Wiener Filter-Based Agent," World Appl. Sci. J., vol. 13, no. 11, 2011, pp. 2372-2384.
  27. L.A. Zadeh, "Fuzzy Sets," Inf. Contr., vol. 8, no. 3, June 1965, pp. 338-353. https://doi.org/10.1016/S0019-9958(65)90241-X
  28. B. Mulgrew, P. Grant, and J. Thompson, Digital Signal Process. - Concepts and Applications, Houndmills and London: Macmillan Press Ltd., 1999, pp. 1-408.
  29. S. Haykin, Adaptive Filter Theory, Upper Saddle River, NJ, USA: Prentice-Hall, Inc., 1996, pp. 1-989.
  30. M.H. Hayes, Statistical Digital Signal Process and Modeling, New York, NY, USA: John Wiley & Sons, Inc., 1996, pp. 1-624.
  31. S. Revathi and A. Malathi, "Feature Extraction Using the Sim-Swadorest Optimization Algorithm for Intrusion Detection," Int. Conf. Recent Innovations Comput. Sci. Inf. Technol., Singapore, Nov. 8, 2014, pp. 75-79.

피인용 문헌

  1. Feature-Chain Based Malware Detection Using Multiple Sequence Alignment of API Call vol.ed99, pp.4, 2015, https://doi.org/10.1587/transinf.2015cyp0007
  2. Network intrusion detection algorithm based on deep neural network vol.13, pp.1, 2015, https://doi.org/10.1049/iet-ifs.2018.5258