Multivariable Heuristic Approach to Intrusion Detection in Network Environments

The Internet is an inseparable part of our contemporary lives. This means that protection against threats and attacks is crucial for major companies and for individual users. There is a demand for the ongoing development of methods for ensuring security in cyberspace. Intrusion detection systems, which detect attacks in network environments and respond appropriately, are a crucial cybersecurity solution. This article presents a new multivariable heuristic intrusion detection algorithm based on different types of flags and values of entropy. The data is shared by organisations to help increase the effectiveness of intrusion detection. The authors also propose default values for the parameters of the heuristic algorithm and values for the detection thresholds. This solution has been implemented in a well-known, open-source system and verified with a series of tests. Additionally, the authors investigated how updating the variables affects the intrusion detection process. The results confirmed the effectiveness of the proposed approach and heuristic algorithm.
