Anomaly intrusion detection system using immune network with reduced network traffic features

Overview

Bibliographic Details
Main Author: Qasem, Murad Abdo Rassam
Format: Thesis
Language: English
Published: 2010
Online Access: http://eprints.utm.my/id/eprint/11367/6/MuradAbdoRassamMFSKSM2010.pdf
Description
Summary: Intrusion Detection Systems (IDS) are developed to defend against these security threats. Current signature-based IDS, like firewalls and antivirus products, rely on labeled training data and generally cannot detect novel attacks. A method that offers promise in solving this problem is the anomaly-based IDS. The literature shows that efforts to reduce the false positive rate, and thus to improve detection rate and speed, have shifted from accurate machine learning classifiers to adaptive models such as bio-inspired models. Consequently, this study was introduced to enhance the detection rate and speed up the detection process by reducing the number of network traffic features. Moreover, it aimed to investigate the implementation of the bio-inspired Immune Network approach for clustering different kinds of attacks. This approach aimed at enhancing the detection rate of novel attacks and thus decreasing the high false positive rate in IDS. The Rough Set method was applied to reduce the dimensionality of the KDD CUP '99 dataset used in this study and to select only the features that best represent all kinds of attacks. Immune Network clustering was then applied using the aiNet algorithm in order to separate normal data from attacks in the testing dataset. The results revealed that detection rate and speed were enhanced by using only the most significant features. Furthermore, the Immune Network clustering method was found to be robust in detecting novel attacks in the test dataset. The principal conclusion was that IDS is enhanced by the use of significant network traffic features together with the implementation of Immune Network clustering to detect novel attacks.