An Intelligent Decision Support System for Network Intrusion Detection

Jeya S*, Ramar K**
Periodicity: April - June 2008
DOI: https://doi.org/10.26634/jse.2.4.494

Abstract

Intrusion detection systems monitor computer networks for evidence of malicious actions. Attack detection can be classified as either misuse detection or anomaly detection. Misuse detection cannot detect unknown intrusions, whereas anomaly detection can produce false positives. Combining the best features of misuse and anomaly detection, an intelligent intrusion detection system (IIDS) is proposed that is able to detect not only known intrusions but also unknown ones. To detect unknown intrusions, a proper knowledge base must be formed after preprocessing the packets captured from the network. Preprocessing is the combination of partitioning and feature extraction. Packets are partitioned based on network services, and the extracted attack features are added to the knowledge base. The preprocessed attacks can be classified using mining classification, which is then given to the rule builder. A network intrusion detection system should be adaptable to all types of critical situations that arise in a network. This is helpful for identifying complex anomalous behaviors. This work focuses on the TCP/IP network protocols and network-based IDS.

Keywords

Genetic Algorithm, Artificial Intelligence, Network Sniffer, Local Response and Global Response

How to Cite this Article?

Jeya S and Ramar K (2008). An Intelligent Decision Support System for Network Intrusion Detection. i-manager’s Journal on Software Engineering, 2(4), 33-40. https://doi.org/10.26634/jse.2.4.494
