Real-time intrusion detection with fuzzy genetic algorithm
P. Jongsuebsuk2013, 2013 10th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
ABSTRACT In this work, we consider network intrusion detection using fuzzy genetic algorithm to classify network attack data. Fuzzy rule is a machine learning algorithm that can classify network attack data, while a genetic algorithm is an optimization algorithm that can help finding appropriate fuzzy rule and give the best/optimal solution. In this paper, we consider both wellknown KDD99 dataset and our own network dataset. The KDD99 dataset is a benchmark dataset that is used in various researches while our network dataset is an online network data captured in actual network environment. We evaluate our IDS in terms of detection speed, detection rate and false alarm rate. From the experiment, we can detect network attack in real-time (or within 2-3 seconds) after the data arrives at the detection system. The detection rate of our algorithm is approximately over 97.5%.
Related papers
Intrusion Detection System using Genetic-Fuzzy Classification
2014
Intrusion detection system has become the prime focus in the area of network security research. An effective intrusion detection system must detect the previously known attacks as well as variations of known attacks and unknown attacks. The challenging and critical problem in intrusion detection is the classification of intrusion attacks and normal network traffic. Fuzzy systems have been used to solve several classification problems. Genetic-fuzzy systems hybridize the approximate reasoning method of fuzzy systems with the learning capability of evolutionary algorithms. In this paper a novel intrusion detection method is presented, capable of detecting normal and intrusive behaviours, which extracts both accurate and interpretable fuzzy IF-THEN rules from network dataset for classification. This method uses the fuzzy association rule based classification method for high dimensional problems based on three stages to obtain an accurate and compact fuzzy rule based classifier with a l...
Network Intrusion Detection & Prevention System Using Fuzzy Logic and Genetic Algorithm
2016
Now a day is very important to maintain a high level security to keep information safe and secure between different organizations. The data communication over internet is always under threat of intrusions and misuses. Thus the intrusion Detection Systems have become a need in network security. Fuzzy logic and Genetic Algorithm are two techniques that can use combine to classify network attack information. Fuzzy rule is a machine learning algorithm that can classify network attack data, while a genetic algorithm is an optimization algorithm that can use to find appropriate fuzzy rule and give the best solution. The objective of this paper is to describe a fuzzy genetic based learning algorithm and discuss its usage to detect intrusion in a computer network.
A Concept on Intrusion Detection System Genetic Algorithm, Fuzzy Logic and Challenges – A Review
Intrusion Detection System (IDS) which is increasing the key element of system security is used to identify the malicious activities in a computer system there are different approaches being employed in intrusion detection systems. The prediction process may produce false alarms in many anomaly based intrusion detection systems. With the concept of fuzzy logic, the false alarm rate in establishing intrusive activities can be reduced. A set of efficient fuzzy rules can be used to define the normal and abnormal behaviors in a computer network. Research papers regarding the foundations of intrusion detection systems, the methodologies and good fuzzy classifiers using genetic algorithm which are the focus of current development efforts and the solution of the problem of Intrusion Detection System to offer a real-world view of intrusion detection. Ultimately, a discussion of the upcoming technologies and various methodologies which promise to improve the concept of IDS
An Approach on Intrusion Detection System Using Supervised Learning Algorithms
Normally, The Internet grows rapidly and most useful in each domain but network vulnerability and intrusions are still an important issue that causes attacks. A good system to detect the illegal user is to monitoring the packets and using the different algorithms, methods and applications which are created and implemented to solve the problem of detecting the attacks in intrusion detection systems. We consider network intrusion detection using supervised learning algorithm to classify attacks in the datasets. Fuzzy rule is a machine learning algorithm that can classify network attack data and protect the system from damage, while a genetic algorithm is an optimization algorithm that can help finding appropriate fuzzy rule and give the optimal solution. We consider both well-known KDD99 dataset. We evaluate our IDS in terms of detection speed, detection rate and false alarm rate.
Intrusion Detection Using Data Mining Along Fuzzy Logic & Genetic Algorithms
JOURNAL OF COMPUTER AND INFORMATION TECHNOLOGY, 2018
Network security is of primary concerned now days for large organizations. The intrusion detection systems (IDS) are becoming indispensable for effective protection against attacks that are constantly changing in magnitude and complexity. With data integrity, confidentiality and availability, they must be reliable, easy to manage and with low maintenance cost. Various modifications are being applied to IDS regularly to detect new attacks and handle them. This paper proposes a fuzzy genetic algorithm (FGA) for intrusion detection. The FGA system is a fuzzy classifier, whose knowledge base is modelled as a fuzzy rule such as "if-then" and improved by a genetic algorithm. The reasons for introducing fuzzy logic is twofold, the first being the involvement of many quantitative features where there is no separation between normal operations and anomalies. Thus fuzzy association rules can be mined to find the abstract correlation among different security features. The method is tested on the benchmark KDD'99 intrusion dataset and compared with other existing techniques available in the literature. The results are encouraging and demonstrate the benefits of the proposed approach.
Network intrusion detection system by using genetic algorithm
2019
Developing a better intrusion detection systems (IDS) has attracted many researchers in the area of computer network for the past decades. In this paper, Genetic Algorithm (GA) is proposed as a tool that capable to identify harmful type of connections in a computer network. Different features of connection data such as duration and types of connection in network were analyzed to generate a set of classification rule. For this project, standard benchmark dataset known as KDD Cup 99 was investigated and utilized to study the effectiveness of the proposed method on this problem domain. The rules comprise of eight variables that were simulated during the training process to detect any malicious connection that can lead to a network intrusion. With good performance in detecting bad connections, this method can be applied in intrusion detection system to identify attack thus improving the security features of a computer network.
An Intelligent Temporal Adaptive Genetic Fuzzy Classification Algorithm for Effective Intrusion Detection
Intrusion detection systems (IDSs) areplaying a major role for detecting the various types of attacks on. computer network traffic and computer usage which is difficult to detect by a conventional security mechanisms Recently, most of the IDSs are developed based on data mining and machine learning techniques. In the past, the combination of fuzzy logic and genetic algorithms were used to discover fuzzy association rules that can be applied to detect intrusions. However, the existing systems have not achieved the required detection accuracy. For achieving better detection accuracy,we propose an Intelligent Temporal Adaptive Genetic Fuzzy Classification Algorithm (ITAGFCA) which can optimize rules and membership functions for providing effective network data classification. The aims of this research work are 1) Generating rules from data and to select optimal number of rules using genetic algorithms. 2) Proposing a simple technique for scheming of membership function and Discretization, and 3) Designing a fitness function by allowing the frequency of occurrence of the rules in the training data. This system establishes the efficiency of the proposed classifier by evaluation. The experimental results based on the NSL-KDD-Cup 99 dataset show that the proposed ITAGFS is not only performing better than the existing classifiers in terms of classification accuracy, detection rates, and false alarms.
An effective approach to network intrusion detection system using genetic algorithm
2010
ABSTRACT This paper presents a general overview of Intrusion Detection Systems and the methods used in these systems, giving brief points of the design principles and the major trends. Artificial intelligence techniques are widely used in this area such as fuzzy logic and Genetic algorithms. In this paper, we will focus on the Genetic algorithm technique and how it could be used in Intrusion Detection Systems giving some examples of systems and experiments proposed in this field.
Fuzzy data mining and genetic algorithms applied to intrusion detection
Proceedings of the 23rd National Information …, 2000
We are developing a prototype intelligent intrusion detection system (IIDS) to demonstrate the effectiveness of data mining techniques that utilize fuzzy logic and genetic algorithms. This system combines both anomaly based intrusion detection using fuzzy data mining techniques and misuse detection using traditional rule-based expert system techniques. The anomaly-based components are developed using fuzzy data mining techniques. They look for deviations from stored patterns of normal behavior. Genetic algorithms are used to tune the fuzzy membership functions and to select an appropriate set of features. The misuse detection components look for previously described patterns of behavior that are likely to indicate an intrusion. Both network traffic and system audit data are used as inputs for both components.
NETWORK INTRUSION DETECTION SYSTEM USING FUZZY LOGIC
Indian Journal of Computer Science …, 2011
IDS which are increasingly a key part of system defense are used to identify abnormal activities in a computer system. In general, the traditional intrusion detection relies on the extensive knowledge of security experts, in particular, on their familiarity with the computer system to be protected. To reduce this dependence, various data-mining and machine learning techniques have been used in the literature. In the proposed system, we have designed fuzzy logic-based system for effectively identifying the intrusion activities within a network. The proposed fuzzy logic-based system can be able to detect an intrusion behavior of the networks since the rule base contains a better set of rules. Here, we have used automated strategy for generation of fuzzy rules, which are obtained from the definite rules using frequent items. The experiments and evaluations of the proposed intrusion detection system are performed with the KDD Cup 99 intrusion detection dataset. The experimental results clearly show that the proposed system achieved higher precision in identifying whether the records are normal or attack one.
Performance Evaluation of a Genetic Algorithm Based Approach to Network Intrusion Detection System
International Conference on Aerospace Sciences & Aviation Technology, 2009
The purpose of the work described in this paper is to provide an intrusion detection system (IDS), by applying genetic algorithm (GA) to network intrusion detection system. Parameters and evolution process for GA are discussed in detail and implemented. This approach uses information theory to filter the traffic data and thus reduce the complexity. We use a linear structure rule to classify the network behaviors into normal and abnormal behaviors. This approach applied to the KDD99 benchmark dataset and obtained high detection rate up to 99.87% as well as low false positive rate 0.003%. Finally the results of this approach compared with available machine learning techniques.
A Genetic-Fuzzy Classification Approach to Improve High-Dimensional Intrusion Detection System
2016
With the increasing number of attacks and growing scalability of connected networks over the past few years, researchers are brought to find other alternatives to judge the relevance, severity and correlation of network attacks. The high-dimensional intrusion detection system seems a promising dynamic protection component in security fields. In this work we propose an optimized classification scheme that coordinates several techniques for generating fuzzy association rules based on a large data set. Our main task is to ameliorate the detection rate of attacks in a real-time environment by using the one-versus-one decomposition to minimize as much as possible the false alarm rate. In addition, we aim to reduce the loss of knowledge through a suitable n-dimensional overlap function in order to model the conjunction in fuzzy rules to provide enough classification accuracy. We can also opt for the aggregation method to obtain the final decision. To evaluate the performance of our approa...
A Study on Fuzzy Rules for Intrusion Detection System
2015
An intrusion detection system (IDS) is used to manage network traffic and monitors for suspicious activity and alerts the system or network administrator. One of the major properties of IDS is to respond for anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network. IDS can identify threats in various ways: 1) it detects specific signatures of known threats and protects against malware 2) it detects based on comparing traffic patterns against a baseline and looking for anomalies. 3) There are some IDS that simply generate an alert and 4) Some IDS perform an action or actions in response to a detected threat. In this paper, we have studied different fuzzy approaches for intrusion detection system specifically for anomaly detection system using Fuzzy set theory and we analyze Fuzzy rule and the fitness function of Genetic algorithm for anomaly based attack detection.
5 A Propose Neuro-Fuzzy-Genetic Intrusion Detection System
2015
The exponential growth and development of the internet has created many problems on network security. Current intrusion detection system has failed to fully protect system against sophisticated attacks. This research work explores some dedicated methodologies such as Artificial Neural Network (ANN), Fuzzy Logic, and Genetic Algorithms applied to Intrusion Detection Systems but attacks against networks and information systems are still successful. We proposed Neuro-fuzzy Genetic Intrusion Detection System which is a fusion of the three Artificial Intelligence techniques. We foresee they would stand a fighting chance against any sophisticated attack, improve accuracy, precision rate and reduce the false positive rate and would protect data integrity, confidentiality and availability. We also discuss the dataset for evaluating the system. In this work we have identified a new research direction in the related field.
An Implementation of Intrusion Detection System Using Genetic Algorithm
International Journal of Network Security & Its Applications, 2012
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99 benchmark dataset and obtained reasonable detection rate.
Intrusion Detection System Using Machine Learning Approach
International Journal Of Engineering And Computer Science, 2016
In this paper, we present an intrusion detection model based on genetic algorithm and neural network. The key idea is to take advantage of classification abilities of genetic algorithm and neural network for intrusion detection system. The new model has ability to recognize an attack, to differentiate one attack from another i.e. classifying attack, and the most important, to detect new attacks with high detection rate and low false negative. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of this System. We used the KDD99 benchmark dataset and obtained reasonable detection rate
A New Method for Intrusion Detection Using Genetic Algorithm and Neural Network
2017
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorithm and neural network. The goal is to make the designed model act as a measure of system attack and combine optimization algorithms to create the ultimate accuracy and reliability for the proposed model and reduce the error rate. To do this, we used a feedback neural network, and by examining the worker, it can be argued that this research with the new approach reduces errors in the classification.with the rapid development of communication and information technology and its applications, especially in computer networks, there is a new competition in information security and network security.
Intrusion Detection using Fuzzy Data Mining
2014
With the rapid expansion of computer networks during the past few years, security has become a crucial issue for modern computer systems. A good way to detect illegitimate use is through monitoring unusual user activity. The solution is an Intrusion Detection System (IDS) which is used to identify attacks and to react by generating an alert or blocking the unwanted data. For IDS, use of genetic algorithm gives huge number of rules which are required for anomaly intrusion detection. These rules will work with highquality accuracy for detecting the Denial of Service and Probe type of attacks connections and with appreciable accuracy for identifying the U2R and R2L connections. After getting huge rules we apply fuzzy data mining techniques to security system and build a fuzzy data mining based intrusion detection model. These findings from this experiment have given promising results towards applying GA and Fuzzy data mining for Network Intrusion Detection. Performance of the proposed ...
New Fuzzy Logic Based Intrusion Detection System
IJSRD, 2013
In this paper, we present an efficient intrusion detection technique. The intrusion detection plays an important role in network security. However, many current intrusion detection systems (IDSs) are signature based systems. The signature based IDS also known as misuse detection looks for a specific signature to match, signaling an intrusion. Provided with the signatures or patterns, they can detect many or all known attack patterns, but they are of little use for as yet unknown attacks. The rate of false positives is close to nil but these types of systems are poor at detecting new attacks, variation of known attacks or attacks that can be masked as normal behavior. Our proposed solution, overcomes most of the limitations of the existing methods. The field of intrusion detection has received increasing attention in recent years. One reason is the explosive growth of the internet and the large number of networked systems that exist in all types of organizations. Intrusion detection techniques using data mining have attracted more and more interests in recent years. As an important application area of data mining, they aim to meliorate the great burden of analyzing huge volumes of audit data and realizing performance optimization of detection rules. The objective of this dissertation is to try out the intrusion detection on large dataset by classification algorithms binary class support vector machine and improved its learning time and detection rate in the field of Network based IDS.
A Propose Neuro-Fuzzy-Genetic Intrusion Detection System
International Journal of Computer Applications, 2015
The exponential growth and development of the internet has created many problems on network security. Current intrusion detection system has failed to fully protect system against sophisticated attacks. This research work explores some dedicated methodologies such as Artificial Neural Network (ANN), Fuzzy Logic, and Genetic Algorithms applied to Intrusion Detection Systems but attacks against networks and information systems are still successful. We proposed Neurofuzzy Genetic Intrusion Detection System which is a fusion of the three Artificial Intelligence techniques. We foresee they would stand a fighting chance against any sophisticated attack, improve accuracy, precision rate and reduce the false positive rate and would protect data integrity, confidentiality and availability. We also discuss the dataset for evaluating the system. In this work we have identified a new research direction in the related field.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.