A NOVEL ANOMALY INTRUSION DETECTION BASED ON SMO OPTIMIZED BY PSO WITH PRE-PROCESSING OF DATA SET

Authors

  • MEHDI MOUKHAFI Informatics and Applications Laboratory (IA), Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
  • KHALID EL YASSINI Informatics and Applications Laboratory (IA), Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
  • SEDDIK BRI Materials and Instrumentations (MIN), Department of Electrical Engineering Superior School of Technology: ESTM, Moulay Ismail University, Meknes, Morocco

Keywords:

Computer & Network Security, Intrusion Detection System (IDS), Anomaly Based Intrusion Detection, PSO, SMO, KDD Cup 1999 Dataset

Abstract

Current IDSs rely mainly on heuristic rules, called signatures, to detect intrusions in a network environment. These signature-based approaches can detect only attacks that are already known and referenced. Since there is no signature for new attacks, other approaches must be taken into consideration, such as machine learning algorithms. However, the major problem of IDSs based on machine learning is the high rate of false positives. This study proposes a novel method of intrusion detection based on pre-processing of the training data and a combination of PSO (Particle Swarm Optimization) and SMO (Sequential Minimal Optimization) to develop a model for an intrusion detection system. The simulation results show a significant improvement in performance; all tests were carried out with the KDD99 data set. Compared with other methods based on the same dataset, the proposed model shows high detection performance.

 



Published

2017-02-28

Issue

Section

Articles