Memory efficacious pattern matching intrusion detection system

In today's web-enabled world, communication over the network is growing at a rapid rate. Not all communications are credible, and malpractice can arise anywhere, anytime. If normal traffic is slightly modified to deceive the intrusion detection system, traditional systems might not be able to detect it effectively. Thus, a system that can detect and ferret out novel attacks is proposed. Since any number of users can use a web page, maintaining the availability of resources and allocating them to active users according to their needs is essential. Multithreading is used to share the resources that each client can use. The Attribute Selection Algorithm in Weka is used as the feature extraction algorithm; it yields the relevant features pertaining to the user's request and helps achieve a more accurate result. Memory efficiency is achieved with a cascading binary search tree: the patterns are stored efficiently, and hence the search for the presence of an attack is accomplished effectively. An intrusion detection system that is memory efficient and effective in detecting attacks and reducing false positives is thus proposed.
