Title

What Defines An Intruder? An Intelligent Approach

Keywords

Intelligent Networks; Intrusion Detection

Abstract

All attacks in a computer network begin with an intruder's action of affecting the services provided to legitimate users. Hence, intrusion detection is vital for preserving integrity, confidentiality, and availability in a computer network. Intrusion detection faces many challenges, such as the need for large amount of data to discriminate between intruders and non-intruders, and the overlapping of user behavior to that of the intruders. This paper aims to target both of these challenges, by employing a distributed intrusion prevention system based on the Binary Partitle Swarm Optimization (BPSO) and Probabilistic Neural Network (PNN) algorithms. Such a system is capable of: 1) locally classifying actions as intruder or non-intruder type, and 2) consulting neighbors for casting a majority vote, upon finding high ambiguity on a decision. The algorithm uses an evolutionary computation approach to select the best features that can help classify intruders, while using fewer amounts of data. Furthermore, the approach uses concepts from semi-supervised learning to improve and adapt over time, to any network infrastructure. To demonstrate the viability of the proposed approach, a random set of data has been selected from the KDD-99 dataset. Such a set contained capture data from both users and attackers. Results have been compared with traditional data mining algorithms from previous work, demonstrating that such a system can have high accuracy, while maintaining a low false alarm rate. © 2013 IEEE.

Publication Date

10-21-2013

Publication Title

Proceedings of the 2013 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2013 - 2013 IEEE Symposium Series on Computational Intelligence, SSCI 2013

Number of Pages

31-36

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/CICYBS.2013.6597202

Socpus ID

84885621037 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84885621037

This document is currently not available here.

Share

COinS