A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security

The confidentiality, integrity, and availability of military information are critical to a country's national security. The security of military information systems (MIS) and networks (MNET) is a subject of continuous research and design, because they manage, store, manipulate, and distribute this information. This study presents a bio-inspired hybrid artificial intelligence framework for cyber security (bioHAIFCS). The framework combines timely, bio-inspired machine learning methods suitable for protecting critical network applications, namely military information systems, applications, and networks. More specifically, it combines (a) the hybrid evolving spiking anomaly detection model (HESADM), which is used to prevent, promptly and accurately, cyber-attacks that cannot be avoided by using passive security measures, namely firewalls; (b) the evolving computational intelligence system for malware detection (ECISMD), which spots and isolates malware located in packed executables that antivirus software cannot trace; and (c) the evolutionary prevention system from SQL injection (ePSSQLI) attacks, which forecasts attacks that use SQL injection methods early and intelligently.
