Intrusion Detection Using Evolutionary Neural Networks

The progress in the field of computer networks and internet is increasing with tremendous volume in recent years. This raises important issues concerning security. Several solutions emerged in the past, which provide security at the host or network level. These traditional solutions like antivirus, firewall, spyware and authentication mechanism provide security to some extents but they still face the challenges of inherent system flaws and social engineering attacks. Some interesting solution emerged like intrusion detection and prevention systems but these too have some problems like detecting and responding in real time and discovering novel attacks. Because the network intrusion behaviors are characterized with uncertainty, complexity and diversity, an intrusion detection method based on neural network and Particle Swarm Optimization (PSO) algorithm is widely used in order to address the problem. This paper gives an insight into how PSO and its variants can be combined with various neural network techniques in order to be used for anomaly detection in network intrusion detection system in order to enhance the performance of intrusion detection system.

2012

Intrusion Detection systems are increasingly a key part of system defence. Various approaches to Intrusion Detection are currently being used but false alarm rate is higher in those approaches. Network Intrusion Detection involves differentiating the attacks like DOS, U2L, R2L and Probe from the Normal user on the internet. Due to the variety of network behaviors and the rapid development of attack fashions, it’s necessary to develop an efficient model to detect all kinds of attacks. Building an effective IDS is an enormous knowledge engineering task. Characteristics of computational intelligence systems such as adaptation, fault tolerance, high computational speed and error resilience in the face of noisy information fit the requirements of building a good intrusion model. In this paper, we propose a network intrusion detection model based on evolutionary optimization technique called Genetic Network Programming (GNP) with sub attribute utilization mechanism. The proposed model is ...

Evolutionary Intelligence, 2019

Building an intrusion detection system (IDS) has become an increasingly urgent issue for detecting network security breaches in computer and network systems. However, an effective and flexible IDS is imperative. In this paper, a new natural evolutionary algorithm (EA) called multiverse optimizer (MVO) is investigated and combined with an artificial neural network (ANN) to develop advanced detection approaches for an IDS. Under this context, the combination of ANN and EA produce evolutionary neural network (ENN). ENN makes this combination a new improved system for solving problems encountered by ANNs. The main idea of this work is to use an MVO to train a feed forward multilayer artificial neural network (MVO-ANN) to identify new attacks. This approach is applied to NSL-KDD and the new benchmark dataset called UNSW-NB15. In this manner, the effectiveness of our approach on detecting various forms of attack is demonstrated. Our results using UNSW-NB15 is better than those that were obtained using NSL-KDD. Furthermore, the efficacy of our proposed method is confirmed by performing better when Ilyas Benmessahel

2020

Recently, with the technological and digital revolution, the security of data is very crucial as a massive amount of data is generated from various networks. Intrusion Detection System (IDS) has been observed to be perhaps the best solution because of its capability to distinguish between attacks that originate within or outside a corporate network. In this study, the most significant features for enhancing the IDS efficiency and creating a smaller dataset in order to reduce the execution time for detecting attacks are selected from the sizeable network dataset. This research designed an anomaly-based detection, by adopting the modified Cuckoo Search Algorithm (CSA), called Mutation Cuckoo Fuzzy (MCF) for feature selection and Evolutionary Neural Network (ENN) for classification. The proposed search algorithm uses mutation to more accurately examine the search space, to allow candidates to escape local minima. Moreover, the value of the solution is evaluated based on the objective function and the Fuzzy C Means (FCM) clustering method used to provide the best results for the overlapping dataset and create the fuzzy membership search domain which includes all possible compromise solutions. A proposed model has been practically used to the problem of intrusion detection as well as been validated using the NSL-KDD dataset. The experimental results reveal that reducing features by selecting and utilizing the most relevant features can improve execution time and at the same time enhance the efficiency and performance of IDS. INDEX TERMS Intrusion detection systems (IDSs), multilayer perceptron (MLP), multiverse optimization (MVO), cuckoo search algorithm (CSA), feature selection (FS), NSL-KDD dataset.

2017

Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorithm and neural network. The goal is to make the designed model act as a measure of system attack and combine optimization algorithms to create the ultimate accuracy and reliability for the proposed model and reduce the error rate. To do this, we used a feedback neural network, and by examining the worker, it can be argued that this research with the new approach reduces errors in the classification.with the rapid development of communication and information technology and its applications, especially in computer networks, there is a new competition in information security and network security.

— By increasing the advantages of network based systems and dependency of daily life with them, the efficient operation of network based systems is an essential issue. Since the number of attacks has significantly increased, intrusion detection systems of anomaly network behavior have increasingly attracted attention among research community. Intrusion detection systems have some capabilities such as adaptation, fault tolerance, high computational speed, and error resilience in the face of noisy information. So, construction of efficient intrusion detection model is highly required for increasing the detection rate as well as decreasing the false detection.. This paper investigates applying the following methods to detect the attacks intrusion detection system and understand the effective of GA on the ANN result: artificial Neural Network (ANN) for recognition and used Genetic Algorithm (GA) for optimization of ANN result. We use KDD CPU 99 dataset to obtain the results; witch shows the ANN result before the efficiency of GA and compare the result of ANN with GA optimization.

Supervised intrusion detection system is a system that has the capability of learning from examples about the previous attacks to detect new attacks. Using artificial neural network (ANN)-based intrusion detection is promising for reducing the number of false negative or false positives, because ANN has the capability of learning from actual examples. In this paper, a developed learning model for fast learning network (FLN) based on particle swarm optimization (PSO) has been proposed and named as PSO-FLN. The model has been applied to the problem of intrusion detection and validated based on the famous dataset KDD99. Our developed model has been compared against a wide range of meta-heuristic algorithms for training extreme learning machine and FLN classifier. PSO-FLN has outperformed other learning approaches in the testing accuracy of the learning. INDEX TERMS Fast learning network, KDD Cup 99, intrusion detection system, particle swarm optimization.

The task of ensuring cyber-security has grown increasingly challenging as the alarming expansion of computer connectivity and the large number of computer-related applications has expanded recently. It also requires a sufficient protection system against a variety of cyberattacks. Detecting discrepancies and risks in a computer network, as well as creating intrusion detection systems (IDS) to aid in cyber-security. Artificial intelligence (AI), specifically machine learning (ML) approaches, were used to create a practical data-driven intrusion detection system. Two alternative intrusion detection (ID) classification approaches were compared in this study, each with its own set of use cases. Before using the two classifiers for classification, the Particle Swarm Optimization (PSO) approach was used to reduce dimensionality. The classification approaches used to characterise network anomalies were studied in this study. PSO + ANN (Artificial neural network), PSO + Decision Tree (PSO+D...

2012

With the rapid change and development in the sector of Information Technology and in Network technologies; the value of data and information is also increased. Today lot of valuable data is generated using many computers based application and stored back to the company database. But unfortunately, the threat to the same data is also increasing rapidly. So, development of a proper Intrusion Detection System which provides a right alarm is a hot topic today. There are many areas which helps to build such devices and software applications like Data mining techniques, network protocol system, decision tree, clustering, SNORT, Genetic Algorithm etc. This paper presents a technique of applying evolutionary algorithm i.e. Genetic Algorithm to Intrusion Detection System. It also provides a brief introduction to the parameters and evolution process of a GA and how to implement it in real IDS. Keywords—Data mining, DDOS, Evolutionary algorithm, Genetic Algorithm, Intrusion, IDS, SNORT, Threats

International Conference on Aerospace Sciences & Aviation Technology, 2009

The purpose of the work described in this paper is to provide an intrusion detection system (IDS), by applying genetic algorithm (GA) to network intrusion detection system. Parameters and evolution process for GA are discussed in detail and implemented. This approach uses information theory to filter the traffic data and thus reduce the complexity. We use a linear structure rule to classify the network behaviors into normal and abnormal behaviors. This approach applied to the KDD99 benchmark dataset and obtained high detection rate up to 99.87% as well as low false positive rate 0.003%. Finally the results of this approach compared with available machine learning techniques.