Skip to main content
SpringerLink
Log in

A Hybrid Model for Anomaly-Based Intrusion Detection System

  • Conference paper
  • First Online:
Advances in Intelligent Information Hiding and Multimedia Signal Processing

Part of the book series: Smart Innovation, Systems and Technologies ((SIST,volume 157))

Abstract

Anomaly-based systems have become critical to the fields of information technology. Since last few years, evolution of anomaly-based intrusion detection system (IDS), improving detection accuracy, and training data preprocessing have been getting specifically important to the researchers of this field. In previous years, a lot have been discussed on the problems in using anomaly-based and hybrid IDSs. Anomaly-based approach is comparatively efficient from signature-based in novel attacks on computer network. However, in some cases, signature-based system is quick in identifying attacks from anomaly systems. In this work, authors have applied preprocessing in KDD 99 and have collected dataset using information gain. Authors have named collected dataset NUM15 as some of the features and redundant data are beside the point which decreases processing time and performance of IDS. After that, naive Bayes and Snort are used to classify the compression results and training the machine in parallel model. This hybrid model combines anomaly and signature detection that can accomplish detection of network anomaly. The results show that the proposed hybrid model can increase the accuracy and can detect novel intrusions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Reazul Kabir, Md., Onik, A.R., Samad, T.: A network intrusion detection framework based on Bayesian network using wrapper approach. Int. J. Comput. Appl. 166(4), 13–17 (2017)

    Article  Google Scholar 

  2. Ashoor, A.S., Gore, S.: Importance of intrusion detection system (IDS). Int. J. Sci. Eng. Res. 1–7 (2005)

    Google Scholar 

  3. Patel, K.K., Buddhadev, B.V.: An architecture of hybrid intrusion detection system. Int. J. Inf. Netw. Secur. 2(2), 197–202 (2013)

    Google Scholar 

  4. Ugtakhbayar, N., Usukhbayar, B., Nyamjav, J.: Improving accuracy for anomaly based IDS using signature based system. Int. J. Comput. Sci. Inf. Secur. 14(5), 358–361 (2016)

    Google Scholar 

  5. Pathan, A.K.: The state of the Art in Intrusion Prevention and Detection. CRC Press (2014)

    Google Scholar 

  6. Pajouh, H.H., Dastghaibyfard, G.H., Hashemi, S.: Two-tier network anomaly detection model: a machine learning approach. J. Intell. Inf. Syst. 61–74 (2017)

    Article  Google Scholar 

  7. Naga Surya Lakshmi, M., Radhika, Y.: A complete study on intrusion detection using data mining techniques. IJCEA IX(VI) (2015)

    Google Scholar 

  8. Stampar, M., et al.: Artificial Intelligence in Network Intrusion Detection

    Google Scholar 

  9. Anderson, J.P.: Computer security threat monitoring and surveillance. In: Technical report, James P. Anderson Co., Fort Washington, Pennsylvania (1980)

    Google Scholar 

  10. Yorozu, Y., Hirano, M., Oka, K., Tagawa, Y.: Electron spectroscopy studies on magneto-optical media and plastic substrate interface. IEEE Trans. J. Mag. Jpn. 2, 740–741 (1987) [Digests 9th Annual Conference on Magnetics Japan, p. 301, 1982]

    Google Scholar 

  11. Zenghui, L., Yingxu, L.: A data mining framework for building Intrusion detection models based on IPv6. In: Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance. Seoul, Korea, Springer-Verlag (2009)

    Google Scholar 

  12. Young, M.: The Technical Writer’s Handbook. University Science, Mill Valley, CA (1989)

    Google Scholar 

  13. Androulidakis, G., Papavassiliou, S.: Improving network anomaly detection via selective flow-based sampling. Commun. IET 399–409 (2008)

    Article  Google Scholar 

  14. Te-Shun, C., Fan, J., Kia, M.: Ensemble of machine learning algorithms for intrusion detection, pp. 3976–3980

    Google Scholar 

  15. Neelam, S., Saurabh, M.: Layered approach for intrusion detection using Naive Bayes classifier. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics, India (2012)

    Google Scholar 

  16. Gómez, J., Gil, C., Padilla, N., Baños, R., Jiménez, C.: Design of Snort-based hybrid intrusion detection system. In: IWANN 2009, pp. 515–522 (2009)

    Chapter  Google Scholar 

  17. Cepheli, Ö., Büyükçorak, S., Kurt, G.K.: Hybrid intrusion detection system for DDoS attacks. J. Electr. Comput. Eng. 2016 (2016). Article ID 1075648

    Article  Google Scholar 

  18. Hussein, S.M., Mohd Ali, F.H., Kasiran, Z.: Evaluation effectiveness of hybrid IDS using Snort with Naïve Bayes to detect attacks. In: IEEE DICTAP 2nd International Conference, May 2012

    Google Scholar 

  19. Dhakar, M., Tiwari, A.: A novel data mining based hybrid intrusion detection framework. J. Inf. Comput. Sci. 9(1), 37–48 (2014)

    Google Scholar 

  20. Veeramachaneni, K., Arnaldo, I., Cuesta-Infante, A., Korrapati, V., Bassias, C., Li, K.: AI2: training a big data machine to defend. In: 2nd IEEE International Conference on Big Data Security (2016)

    Google Scholar 

  21. Aburomman, A.A., Reaz, M.B.I.: Review of IDS development methods in machine learning. Int. J. Electr. Comput. Eng. (IJECE) 6(5), 2432–2436 (2016)

    Article  Google Scholar 

  22. Snort. http://www.snort.org

  23. Pachghare, V.K., Khatavkar, V.K., Kulkarni, P.: Pattern based network security using semi-supervised learning. Int. J. Inf. Netw. Secur. 1(3), 228–234 (2012)

    Google Scholar 

  24. Hlaing, T.: Feature selection and fuzzy decision tree for network intrusion detection. Int. J. Inform. Commun. Technol. 1(2), 109–118 (2012)

    Google Scholar 

  25. Wang, Y., Yang, K., Jing, X., Jin, H.L.: Problems of KDD Cup 99 dataset existed and data preprocessing. Appl. Mech. Mater. 667, 218–225 (2014)

    Article  Google Scholar 

  26. Weka. http://weka.sourceforge.net

  27. Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of KDD’99 intrusion detection dataset for selection of relevance features. In: Proceedings of the WCECS 2010, USA (2010)

    Google Scholar 

  28. Aslahi-Shahri, B.M., Rahmani, R., Chizari, M., Maralani, A., Eslami, M., Golkar, M.J., Ebrahimi, A.: A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput. Appl. 27(6), 1669–1676 (2016)

    Article  Google Scholar 

  29. Maxion, R.A., Roberts, R.R.: Proper use of ROC curves in intrusion/anomaly detection. Technical report CS-TR-871 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National University of Mongolia, Ulaanbaatar, Mongolia

    N. Ugtakhbayar & B. Usukhbayar

  2. Mongolian University of Science and Technology, Ulaanbaatar, Mongolia

    S. Baigaltugs

Authors
  1. N. Ugtakhbayar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. B. Usukhbayar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. Baigaltugs
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to N. Ugtakhbayar .

Editor information

Editors and Affiliations

  1. College of Computer Science and Engineering, Shandong University of Science and Technology, Qingdao Shi, Shandong, China

    Jeng-Shyang Pan

  2. Northeast Electric Power University, Chuanying Qu, Jilin, China

    Jianpo Li

  3. Swinburne University of Technology, Hawthorn, Melbourne, Australia

    Pei-Wei Tsai

  4. Centre for Artificial Intelligence, University of Technology Sydney, Sydney, NSW, Australia

    Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ugtakhbayar, N., Usukhbayar, B., Baigaltugs, S. (2020). A Hybrid Model for Anomaly-Based Intrusion Detection System. In: Pan, JS., Li, J., Tsai, PW., Jain, L. (eds) Advances in Intelligent Information Hiding and Multimedia Signal Processing. Smart Innovation, Systems and Technologies, vol 157. Springer, Singapore. https://doi.org/10.1007/978-981-13-9710-3_44

Download citation

Publish with us

Policies and ethics

Search

Navigation