A New Approach for Adaptive Intrusion Detection

Adaptability is a relevant feature for an Intrusion Detection System (IDS). It enables the IDS to adjust itself in a dynamic changing environment by practicing autonomous learning of new attacks and normal behavior patterns. Therefore, the IDS will be able to ensure its sustainability and effectiveness in computing environments which are becoming increasingly evolutionary and dynamic. However, the adaptability remains a messing functionality in the design of existing IDSs and the research works offer a limited and constrained adaptability. This paper proposes a new approach for IDS adaptability by integrating a Simple COnnectionist Evolving System (SECOS) and a Winner-Takes-All (WTA) hierarchy of XCS (eXtended Classifier System). This integration puts in relief an adaptive hybrid intrusion detection core that plants the adaptability as an intrinsic and native functionality in the IDS.

[1]  Walter D. Potter,et al.  A Blackboard-Based Learning Intrusion Detection System: A New Approach , 2003, IEA/AIE.

[2]  Xin Xu Adaptive Intrusion Detection Based on Machine Learning : Feature Extraction , Classifier Construction and Sequential Pattern Prediction , 2006 .

[3]  James Cannady Applying CMAC-based online learning to intrusion detection , 2000, Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks. IJCNN 2000. Neural Computing: New Challenges and Perspectives for the New Millennium.

[4]  Chunlin Zhang,et al.  Intrusion detection using hierarchical neural networks , 2005, Pattern Recognit. Lett..

[5]  Cédric Buche,et al.  Les systèmes de classeurs. Une présentation gAnérale , 2006, Tech. Sci. Informatiques.

[6]  Simon Pietro Romano,et al.  Real Time Detection of Novel Attacks by Means of Data Mining Techniques , 2005, ICEIS.

[7]  Andrew H. Sung,et al.  Intrusion detection using an ensemble of intelligent paradigms , 2005, J. Netw. Comput. Appl..

[8]  Olivier Sigaud,et al.  Les systèmes de classeurs , 2007, Rev. d'Intelligence Artif..

[9]  Zhang Yi,et al.  A hierarchical intrusion detection model based on the PCA neural networks , 2007, Neurocomputing.

[10]  Salvatore J. Stolfo,et al.  Adaptive Intrusion Detection: A Data Mining Approach , 2000, Artificial Intelligence Review.

[11]  Salvatore J. Stolfo,et al.  A framework for constructing features and models for intrusion detection systems , 2000, TSEC.

[12]  Dennis F. Kibler,et al.  Symbolic Nearest Mean Classifiers , 1997, AAAI/IAAI.

[13]  Xin Xu Adaptive Intrusion Detection Based on Machine Learning: Feature Extraction, Classifier Construction and Sequential Pattern Prediction , 2006 .

[14]  Michael J. Watts Evolving connectionist systems: Characterisation, simplification, formalisation, explanation and optimisation , 2004 .

[15]  Olivier Sigaud Les systèmes de classeurs : Un état de l'art , 2007 .

[17]  Salvatore J. Stolfo,et al.  Adaptive Model Generation for Intrusion Detection Systems , 2000 .

[18]  Nikola Kasabov,et al.  Evolving Connectionist Systems: Methods and Applications in Bioinformatics, Brain Study and Intelligent Machines , 2002, IEEE Transactions on Neural Networks.

[19]  Hussein A. Abbass,et al.  Intrusion detection with evolutionary learning classifier systems , 2009, Natural Computing.

[20]  Michael J. Watts,et al.  Evolutionary optimisation of evolving connectionist systems , 2002, Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600).

[21]  Cédric Buche Un système tutoriel intelligent et adaptatif pour l'apprentissage de compétences en environnement virtuel de formation. (Intelligent and adaptative tutoring system for the learning of competences in virtual environment for training) , 2005 .

[22]  Hassina Bensefia,et al.  Towards an Adaptive Intrusion Detection System: A Critical and Comparative Study , 2008, 2008 International Conference on Computational Intelligence and Security.