A Signature Based Intrusion Detection System with HPFSM and Fuzzy Based Classification Method (IDSFSC)
Author : S. Latha and Sinthu Janita PrakashVolume 8 No.2 April-June 2019 pp 23-29
Abstract
Securing a network from the attackers is a challenging task at present as many users involve in variety of computer networks. To protect any individual host in a network or the entire network, some security system must be implemented. In this case, the Intrusion Detection System (IDS) is essential to protect the network from the intruders. The IDS has to deal with a lot of network packets with different characteristics. A signature-based IDS is a potential tool to understand former attacks and to define suitable method to conquest it in variety of applications. This research article elucidates the objective of IDS with a mechanism which combines the network and host-based IDS. The benchmark dataset for DARPA is considered to generate the IDS mechanism. In this paper, a frame work IDSFSC – signature-based IDS with high pertinent feature selection method is framed. This frame work consists of earlier proposed Feature Selection Method (HPFSM with Enhanced Artificial Neural Network (EANN) for classification of nodes or packets in the network, then the signatures or attack rules are configured by implementing Association Rule mining algorithm and finally the rules are restructured using a pattern matching algorithm-Aho-Corasick to ease the rule checking. The metrics classification accuracy, False Positive Rate (FPR) and Precision are checked and proved the proposed frame work’s efficiency.
Keywords
Feature Selection, Intrusion Detection System, Association Rule Mining, Apriori Algorithm, Artificial Neural Network, Aho-Corasick Pattern Matching Algorithm, Gain Ratio, Chi-Square Analysis
Full Text:
References
[1] Sen, Biswaraj, et al., “A Trust-Based Intrusion Detection System for Mitigating Blackhole Attacks in MANET”, Advanced Computational and Communication Paradigms, Springer, Singapore, Vol. 706, pp. 765-775, 2018.
[2] Min, Hong, et al., “Pattern Matching Based Sensor Identification Layer for an Android Platform”, Wireless Communications and Mobile Computing, Vol. 2018, Oct 2018.
[3] Park, Hasil, et al., “Hybrid Sensor Network-Based Indoor Surveillance System for Intrusion Detection”, Symmetry, Vol. 10, No. 6, May 2018.
[4] Moustafa, Nour, Gideon Creech, and Jill Slay, “Anomaly Detection System Using Beta Mixture Models and Outlier Detection”, Progress in Computing, Analytics and Networking, Springer, Singapore, Vol.710, pp. 125-135, April 2018.
[5] Deshpande, Prachi, et al., “HIDS: A host-based intrusion detection system for cloud computing environment”, International Journal of System Assurance Engineering and Management, Vol. 9, No. 3, pp. 567-576, June 2018.
[6] Kuo, Cheng-Chung, et al., “Design and Implementation of a Host-Based Intrusion Detection System for Linux-Based Web Server”, International Conference on Intelligent Information Hiding and Multimedia Signal Processing. Springer, Cham, Vol. 110, Nov 2018.
[7] Jianglong Song, Wentao Zhao, Qiang Liu and Xin Wang, “Hybrid Feature Selection for Supporting Light Weight Intrusion Detection
Systems”, IOP Conference Series, Journal of Physics, Conference Series, Vol. 887, pp. 1-7, Aug 2017.
[8] M.S Irfan Ahmed, A.M. Riyad R.L Raheemaa Khan, K. Mohamed Jamshad, E. Shamsudeen, “Information based feature selection for intrusion detection systems”, International Journal of Scientific & Engineering Research., Vol. 8, No. 7, pp.2362-2366, July 2017.
[9] Li, Longjie, et al., “Towards Effective Network Intrusion Detection: A Hybrid Model Integrating Gini Index and GBDT with PSO,” Journal of Sensors, Vol.2018, Mar 2018.
[10] Raman, MR Gauthama, et al., “A hypergraph and arithmetic residue-based probabilistic neural network for classification in intrusion detection systems”, Neural Networks., Vol. 92, pp. 89-97, Aug 2017.
[11] Yu Wang, et al., “A fog-based privacy-preserving approach for distributed signature-based intrusion detection,” Journal of Parallel and Distributed Computing., Vol. 122, pp. 26-35, December 2018.
[12] Cohen, Yehonatan, Danny Hendler and Amir Rubin, “Detection of malicious webmail attachments based on propagation patterns,” Knowledge-Based Systems, Vol. 141, pp. 67-79, Feb 2018.
[13] S. Latha, and S.J. Prakash, “HPFSM-A high pertinent feature selection mechanism for intrusion detection system”, International Journal of Pure and Applied Mathematics., Vol. 118, No. 9, pp. 77-83, 2018.
[14] Mehrotra, Latika, Prashant Sahai Saxena, and Nitika Vats Doohan, “A Data Classification Model: For Effective Classification of Intrusion in an Intrusion Detection System Based on Decision Tree Learning Algorithm”, Information and Communication Technology for Sustainable Development, Springer, Singapore, Vol. 9, pp. 61-66, Nov 2017.
[15] M. Sathya, and K. Thangadurai, “Association Rule Generation Using E-ACO Algorithm”, International Journal of Control Theory and Applications, Vol. 27, No. 9, pp. 513-521, 2016.
[16] Shim, Kyu-Seok, et al., “Effective behavior signature extraction method using sequence pattern algorithm for traffic identification”, International Journal of Network Management, Vol. 28, No. 2, pp. 1-7, Aug 2017.
[17] Santosh Kumar Sahu, “A Detail Analysis on Intrusion Detection Datasets”, IEEE International Advance Computing Conference (IACC), pp.1348-1353, Feb 2014.
[18] Zibusiso Dewa and Leandros A. Maglaras, “Data Mining and Intrusion Detection Systems”, (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 7, No. 1, pp. 62-71, Jan 2016.