CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

A Novel Supervised Algorithm for Network Intrusion Detection with the Ability of Zero-day Attacks Identification

by S. Vahid Farrahi, Mahsa Kamali Sarvestani, Marzieh Ahmadzadeh
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 121 - Number 19
Year of Publication: 2015
Authors: S. Vahid Farrahi, Mahsa Kamali Sarvestani, Marzieh Ahmadzadeh
10.5120/21652-4983

S. Vahid Farrahi, Mahsa Kamali Sarvestani, Marzieh Ahmadzadeh . A Novel Supervised Algorithm for Network Intrusion Detection with the Ability of Zero-day Attacks Identification. International Journal of Computer Applications. 121, 19 ( July 2015), 47-50. DOI=10.5120/21652-4983

@article{ 10.5120/21652-4983,
author = { S. Vahid Farrahi, Mahsa Kamali Sarvestani, Marzieh Ahmadzadeh },
title = { A Novel Supervised Algorithm for Network Intrusion Detection with the Ability of Zero-day Attacks Identification },
journal = { International Journal of Computer Applications },
issue_date = { July 2015 },
volume = { 121 },
number = { 19 },
month = { July },
year = { 2015 },
issn = { 0975-8887 },
pages = { 47-50 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume121/number19/21652-4983/ },
doi = { 10.5120/21652-4983 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:08:53.394925+05:30
%A S. Vahid Farrahi
%A Mahsa Kamali Sarvestani
%A Marzieh Ahmadzadeh
%T A Novel Supervised Algorithm for Network Intrusion Detection with the Ability of Zero-day Attacks Identification
%J International Journal of Computer Applications
%@ 0975-8887
%V 121
%N 19
%P 47-50
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In this paper, a new algorithm has been proposed for network intrusion detection. The proposed algorithm operates in a simple but efficient manner. It uses labeled data in the training phase, which means that our algorithm is a supervised algorithm. In the training phase of the algorithm, the data are categorized based on their class label values. Then, the algorithm compute a center point for each category of the class label. A center point is a mean of all samples that belong to the same category. Finally, in the testing phase, the algorithm uses Euclidean distance metric to label the test data based on their distances to the center points. In other words, each test data assigns to the nearest center point. However, a pre-defined threshold has been used in the testing phase in order to deal with zero-day attacks. If a test data point is closer to the normal center it will be assign to the normal class but in this case the algorithm checks the pre-defined threshold. If the distance to the normal center was greater than the pre-defined threshold the test data point will be classify as an attack, else it will be assign to the normal class. Experimental results show that the proposed algorithm is superior to single Naïve Bayes classifier. The detection rate of the proposed algorithm with 95% confidence is between 95. 88 ± 0. 11 and the detection rate of Naïve Bayes algorithm with the same confidence is between 90. 03 ± 0. 31.

References
  1. E. Biermann, E. Cloete, and L. M. Venter, "A comparison of intrusion detection systems," Computers & Security, vol. 20, pp. 676-683, 2001.
  2. B. Morin and L. Mé, "Intrusion detection and virology: an analysis of differences, similarities and complementariness," Journal in computer virology, vol. 3, pp. 39-49, 2007.
  3. P. Kabiri and A. A. Ghorbani, "Research on Intrusion Detection and Response: A Survey," IJ Network Security, vol. 1, pp. 84-102, 2005.
  4. P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, "Anomaly-based network intrusion detection: Techniques, systems and challenges," computers & security, vol. 28, pp. 18-28, 2009.
  5. A. Patcha and J. -M. Park, "An overview of anomaly detection techniques: Existing solutions and latest technological trends," Computer Networks, vol. 51, pp. 3448-3470, 2007.
  6. S. Mukherjee and N. Sharma, "Intrusion detection using naive Bayes classifier with feature reduction," Procedia Technology, vol. 4, pp. 119-128, 2012.
  7. B. M. Bidgoli, M. Analoui, M. H. Rezvani, and H. S. Shahhoseini, "Performance Evaluation of Decision Tree for Intrusion Detection Using Reduced Feature Spaces," in Trends in Intelligent Systems and Computer Engineering, ed: Springer, 2008, pp. 273-284.
  8. N. B. Amor, S. Benferhat, and Z. Elouedi, "Naive bayes vs decision trees in intrusion detection systems," in Proceedings of the 2004 ACM symposium on Applied computing, 2004, pp. 420-424.
  9. M. Panda and M. R. Patra, "A comparative study of data mining algorithms for network intrusion detection," in Emerging Trends in Engineering and Technology, 2008. ICETET'08. First International Conference on, 2008, pp. 504-507.
  10. P. Laskov, P. Düssel, C. Schäfer, and K. Rieck, "Learning intrusion detection: supervised or unsupervised?," in Image Analysis and Processing–ICIAP 2005, ed: Springer, 2005, pp. 50-57.
  11. A. K. Jain, M. N. Murty, and P. J. Flynn, "Data clustering: a review," ACM computing surveys (CSUR), vol. 31, pp. 264-323, 1999.
  12. M. Jianliang, S. Haikun, and B. Ling, "The application on intrusion detection based on k-means cluster algorithm," in Information Technology and Applications, 2009. IFITA'09. International Forum on, 2009, pp. 150-152.
  13. M. Tavallaee, E. Bagheri, W. Lu, and A. -A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," in Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009, 2009.
  14. R. Jain, The art of computer systems performance analysis: John Wiley & Sons, 2008.
  15. G. W. Milligan and M. C. Cooper, "A study of standardization of variables in cluster analysis," Journal of classification, vol. 5, pp. 181-204, 1988.
Index Terms

Computer Science
Information Sciences

Keywords

Data Mining Network Intrusion Detection Zero-day Attacks Identifying Supervised Learning Anomaly Detection

Powered by PhDFocusTM