Real-Time Intrusion Prediction Using Hidden Markov Model with Genetic Algorithm

As use of the Internet increases, cyber attacks and their severity also increase. Since security cannot be compromised, intrusion detection systems (IDSs) become a critical component of a secure organization. IDSs detect an attack only after it has occurred. When used in a high-traffic network, IDSs produce a large number of alerts, and the false-positive (FP) rate increases with them. In this paper, we propose a framework for predicting future attacks by combining two machine-learning methods: genetic algorithm (GA) and hidden Markov model (HMM). The framework has two major components. The first uses GA to derive efficient intrusion detection rules and thereafter to detect attacks precisely. The second uses HMM to predict the attacker's next attack class. Combining the two gives good intrusion prediction capability with a reduced FP rate.
