RESEARCH ISSUES IN ADAPTIVE INTRUSION DETECTION

A secured network is a must for an e-commerce application to be fully utilized by users. Firewall and encryption are proven to be inadequate. Intrusion detection system (IDS) is put in place as a second line of defense. Nevertheless, the existing IDS produces a high false alarm rate. Literature has shown that investigation towards reducing false alarm rate has shifted from accurate classifier to the adaptive model of normality. The purpose of this paper is to identify and discuss the research issues in adaptive intrusion detection and to propose a model for it.

[1]  Ajith Abraham,et al.  Feature deduction and ensemble design of intrusion detection systems , 2005, Comput. Secur..

[2]  A.H. Sung,et al.  Identifying important features for intrusion detection using support vector machines and neural networks , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[3]  R. Jagannathan,et al.  A prototype real-time intrusion-detection expert system , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[4]  Kwee-Bo Sim,et al.  Adaptive intrusion detection algorithm based on learning algorithm , 2004 .

[5]  Hong Shen,et al.  Application of online-training SVMs for real-time intrusion detection with different considerations , 2005, Comput. Commun..

[6]  Shambhu J. Upadhyaya Real-Time Intrusion Detection with Emphasis on Insider Attacks , 2003, MMM-ACNS.

[7]  Fernando José Von Zuben,et al.  Mapping Artificial Immune Systems into Learning Classifier Systems , 2002, IWLCS.

[8]  Connie M. Borror,et al.  EWMA forecast of normal system activity for computer intrusion detection , 2004, IEEE Transactions on Reliability.

[9]  Barak A. Pearlmutter,et al.  Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[10]  Wei Pan,et al.  A Hybrid Neural Network Approach to the Classification of Novel Attacks for Intrusion Detection , 2005, ISPA.

[11]  Michael Schatz,et al.  Learning Program Behavior Profiles for Intrusion Detection , 1999, Workshop on Intrusion Detection and Network Monitoring.

[12]  Salvatore J. Stolfo,et al.  A framework for constructing features and models for intrusion detection systems , 2000, TSEC.

[13]  Fabio Roli,et al.  Fusion of multiple classifiers for intrusion detection in computer networks , 2003, Pattern Recognit. Lett..

[14]  Lucas M. Venter,et al.  A comparison of Intrusion Detection systems , 2001, Comput. Secur..

[15]  Emin Anarim,et al.  An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks , 2005, Expert Syst. Appl..

[16]  Rayford B. Vaughn,et al.  Adaptive intrusion detection with data mining , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).

[17]  Stephanie Forrest,et al.  An immunological model of distributed detection and its application to computer security , 1999 .

[18]  Subhash C. Bagui,et al.  Combining Pattern Classifiers: Methods and Algorithms , 2005, Technometrics.

[19]  Salvatore J. Stolfo,et al.  Adaptive Intrusion Detection: A Data Mining Approach , 2000, Artificial Intelligence Review.

[20]  Byung-Joo Kim,et al.  Machine Learning Approach to Realtime Intrusion Detection System , 2005, Australian Conference on Artificial Intelligence.

[21]  Sheng-Hsun Hsu,et al.  Application of SVM and ANN for intrusion detection , 2005, Comput. Oper. Res..

[22]  Jiri Matas,et al.  On Combining Classifiers , 1998, IEEE Trans. Pattern Anal. Mach. Intell..

[23]  Todd L. Heberlein,et al.  Network intrusion detection , 1994, IEEE Network.

[24]  Salvatore J. Stolfo,et al.  Using artificial anomalies to detect unknown and known network intrusions , 2003, Knowledge and Information Systems.

[25]  Jian Li,et al.  The research and implementation of intelligent intrusion detection system based on artificial neural network , 2004, Proceedings of 2004 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.04EX826).

[26]  Zheng Qin,et al.  Combining Classifiers with Particle Swarms , 2005, ICNC.

[27]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[28]  Zhi-Xin Yu,et al.  A novel adaptive intrusion detection system based on data mining , 2005, 2005 International Conference on Machine Learning and Cybernetics.

[29]  Julie Greensmith,et al.  Immune system approaches to intrusion detection – a review , 2004, Natural Computing.

[30]  B.V. Dasarathy,et al.  A composite classifier system design: Concepts and methodology , 1979, Proceedings of the IEEE.

[31]  Bo Li,et al.  Study of a multi-shape-gene artificial immune model for network intrusion detection , 2003, Proceedings of the 2003 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.03EX693).

[32]  Daniel S. Yeung,et al.  Multiple Classifier System with Feature Grouping for Intrusion Detection: Mutual Information Approach , 2005, KES.

[33]  Xin Xu,et al.  An Adaptive Network Intrusion Detection Method Based on PCA and Support Vector Machines , 2005, ADMA.

[34]  Stephanie Forrest,et al.  A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[35]  Bo Gao,et al.  HMMs (Hidden Markov models) based on anomaly intrusion detection method , 2002, Proceedings. International Conference on Machine Learning and Cybernetics.

[36]  Yuehui Chen,et al.  Feature Selection and Intrusion Detection Using Hybrid Flexible Neural Tree , 2005, ISNN.

[37]  Julie Greensmith,et al.  Immune System Approaches to Intrusion Detection - A Review , 2004, ICARIS.

[38]  Salvatore J. Stolfo,et al.  Adaptive Model Generation for Intrusion Detection Systems , 2000 .

[39]  Chun-xi Dong,et al.  Statistic Learning and Intrusion Detection , 2003, RSFDGrC.

[40]  Hai Jin,et al.  A Compound Intrusion Detection Model , 2003, ICICS.

[41]  Wei Xu,et al.  Improving one-class SVM for anomaly detection , 2003, Proceedings of the 2003 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.03EX693).

[42]  Chunlin Zhang,et al.  Intrusion detection using hierarchical neural networks , 2005, Pattern Recognit. Lett..