IDSFS: A Signature Based Intrusion Detection System with High Pertinent Feature Selection Method
DOI:
https://doi.org/10.51983/ajcst-2019.8.2.2145Keywords:
Feature Selection, Intrusion Detection System, Association Rule Mining, Apriori Algorithm, Artificial Neural Network, Aho-Corasick Pattern Matching Algorithm, Gain Ratio, Chi-Square AnalysisAbstract
Securing a network from the attackers is a challenging task at present as many users involve in variety of computer networks. To protect any individual host in a network or the entire network, some security system must be implemented. In this case, the Intrusion Detection System (IDS) is essential to protect the network from the intruders. The IDS have to deal with a lot of network packets with different characteristics. A signature-based IDS is a potential tool to understand former attacks and to define suitable method to conquest it in variety of applications. This research article elucidates the objective of IDS with a mechanism which combines the network and host-based IDS. The benchmark dataset for DARPA is considered to generate the IDS mechanism. In this paper, a frame work IDSFS – a signature-based IDS with high pertinent feature selection method is framed. This frame work consists of earlier proposed Feature Selection method (HPFSM), Artificial Neural Network for classification of nodes or packets in the network, then the signatures or attack rules are configured by implementing Association Rule mining algorithm and finally the rules are restructured using a pattern matching algorithm-Aho-Corasick to ease the rule checking. The metrics like number of features, classification accuracy, False Positive Rate (FPR), Precision, Number of rules, Running Time and Memory consumption are checked and proved the proposed frame work’s efficiency.
References
Biswaraj Sen et al., "A Trust-Based Intrusion Detection System for Mitigating Blackhole Attacks in MANET," in Advanced Computational and Communication Paradigms, Springer, Singapore, vol. 706, pp. 765-775, 2018.
Hong Min et al., "Pattern Matching Based Sensor Identification Layer for an Android Platform," in Wireless Communications and Mobile Computing, vol. 2018, Oct 2018.
Hasil Park et al., "Hybrid Sensor Network-Based Indoor Surveillance System for Intrusion Detection," in Symmetry, vol. 10, no. 6, May 2018.
Nour Moustafa, Gideon Creech, and Jill Slay, "Anomaly Detection System Using Beta Mixture Models and Outlier Detection," in Progress in Computing, Analytics and Networking, Springer, Singapore, vol. 710, pp. 125-135, April 2018.
Prachi Deshpande et al., "HIDS: A host based intrusion detection system for cloud computing environment," in International Journal of System Assurance Engineering and Management, vol. 9, no. 3, pp. 567-576, June 2018.
Cheng-Chung Kuo et al., "Design and Implementation of a Host-Based Intrusion Detection System for Linux-Based Web Server," in International Conference on Intelligent Information Hiding and Multimedia Signal Processing, Springer, Cham, vol. 110, Nov. 2018.
Jianglong Song, Wentao Zhao, Qiang Liu, and Xin Wang, "Hybrid Feature Selection for Supporting Light-Weight Intrusion Detection Systems," in IOP Conference Series, Journal of Physics, Conference Series: vol. 887, pp. 1-7, Aug 2017.
M.S. Irfan Ahmed, A.M. Riyad, R.L. Raheemaa Khan, K. Mohamed Jamshad, E. Shamsudeen, "Information based feature selection for intrusion detection systems," in International Journal of Scientific & Engineering Research, vol. 8, no. 7, pp. 2362-2366, July 2017.
Longjie Li et al., "Towards Effective Network Intrusion Detection: A Hybrid Model Integrating Gini Index and GBDT with PSO," in Journal of Sensors, vol. 20, Mar 2018.
M.R. Gauthama Raman et al., "A hypergraph and arithmetic residue-based probabilistic neural network for classification in intrusion detection systems," in Neural Networks, vol. 92, pp. 89-97, August 2017.
Yu Wang et al., "A fog-based privacy-preserving approach for distributed signature-based intrusion detection," in Journal of Parallel and Distributed Computing, vol. 122, pp. 26-35, Dec 2018.
Yehonatan Cohen, Danny Hendler, and Amir Rubin, "Detection of malicious webmail attachments based on propagation patterns," in Knowledge-Based Systems, vol. 141, pp. 67-79, February 2018.
S. Latha and S.J. Prakash, "HPFSM-A high pertinent feature selection mechanism for intrusion detection system," in International Journal of Pure and Applied Mathematics, vol. 118, no. 9, pp. 77-83, 2018.
Bhavin Shah and Bhushan H. Trivedi, "Artificial Neural Network-based intrusion detection system: A survey," in International Journal of Computer Applications, vol. 39, no. 6, pp. 13-18, Feb 2012.
M. Sathya and K. Thangadurai, "Association Rule Generation Using E-ACO Algorithm," in International Journal of Control Theory and Applications, vol. 27, no. 9, pp. 513-521, 2016.
Kyu-Seok Shim et al., "Effective behavior signature extraction method using sequence pattern algorithm for traffic identification," in International Journal of Network Management, vol. 28, no. 2, pp. 1-7, August 2017.
Santosh Kumar Sahu, "A Detail Analysis on Intrusion Detection Datasets," in IEEE International Advance Computing Conference (IACC), pp. 1348-1353, Feb. 2014.
Zibusiso Dewa and Leandros A. Maglaras, "Data Mining and Intrusion Detection Systems," in (IJACSA) International Journal of Advanced Computer Science and Applications, vol. 7, no. 1, pp. 62-71, January 2016.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2019 The Research Publication
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.