Anomaly-Based Intrusion Detection System

Anomaly-based network intrusion detection plays a vital role in protecting networks against malicious activities. In recent years, data mining techniques have gained importance in addressing security issues in networks. Intrusion detection systems (IDS) aim to identify intrusions with a low false alarm rate and a high detection rate. Although classification-based data mining techniques are popular, they are not effective at detecting unknown attacks. Unsupervised learning methods have been given a closer look for network IDS, but they are insignificant in detecting dynamic intrusion activities. Recent contributions in the literature focus on machine learning techniques to build anomaly-based intrusion detection systems, which extract knowledge from a training phase. Though existing intrusion detection techniques address the latest types of attacks like DoS, Probe, U2R, and R2L, reducing the false alarm rate remains a challenging issue. Most network IDS depend on the deployed environment. Hence, developing a system that is independent of the deployed environment, with a fast and appropriate feature selection method, is a challenging issue. The exponential growth of zero-day attacks emphasizes the need for security mechanisms that can accurately detect previously unknown attacks, which is another challenging task. In this work, an attempt is made to develop a generic meta-heuristic scale for both known and unknown attacks with a high detection rate and low false alarm rate by adopting efficient feature optimization techniques.
