
Smart Intrusion Detection with Expert Systems

  • Conference paper
Advances on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC 2018)

Abstract

Security concerns about computing devices are growing significantly, owing to the ever-increasing number of devices connected to the network. In this context, optimising the performance of intrusion detection systems (IDS) is a key research issue in meeting the demanding security requirements of complex, large-scale networks. Within an IDS, attack classification plays an important role. In this work we propose and evaluate the use of the generalizing power of neural networks to classify attacks. More precisely, we use a multilayer perceptron (MLP) with the back-propagation algorithm and the sigmoidal activation function. The proposed attack classification system is validated, and its performance studied, on a subset of the DARPA dataset known as KDD99, a public dataset that is labelled for IDS use and previously processed. We analysed the results for different configurations, varying the number of hidden layers and the number of training epochs, to obtain a low number of false results. We observed that a large number of training epochs is required and that, using the entire data set consisting of 31 features, the best classification is obtained for the Denial-of-Service and Probe attack types.


Notes

  1. https://www.snort.org/

  2. https://www.ll.mit.edu/ideval/data/



Correspondence to Flora Amato.


© 2019 Springer Nature Switzerland AG


Cite this paper

Amato, F., Moscato, F., Xhafa, F., Vivenzio, E. (2019). Smart Intrusion Detection with Expert Systems. In: Xhafa, F., Leu, FY., Ficco, M., Yang, CT. (eds) Advances on P2P, Parallel, Grid, Cloud and Internet Computing. 3PGCIC 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 24. Springer, Cham. https://doi.org/10.1007/978-3-030-02607-3_14


  • DOI: https://doi.org/10.1007/978-3-030-02607-3_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02606-6

  • Online ISBN: 978-3-030-02607-3

  • eBook Packages: Engineering, Engineering (R0)
