Information Technology Reference
In-Depth Information
2 Survey on the AI Based Techniques Used for Intrusion
Detection
Arti
cial neural network based intrusion detection system development is an
important research trend in intrusion detection domain (Yang et al.
2013
). Arti
cial
Neural Network (ANN) has been used in the classi
cation process of the system.
The inputs of ANN are obtained from the features of packet headers, such as port
number and IP number. The implemented embedded IDS has been
first trained with
training data. Then, packet classi
cation has been performed in the real time and
finally time of determining packet classes have been obtained (Tuncer and Tatar
2012
). ANN has been shown to increase ef
ciency, by reducing the fault positive,
and detection capabilities by allowing detection with partial available information
on the network status (El Kadhi et al.
2012
).
Different sizes of feed forward neural networks are compared for their evaluation
performance using MSE. The generalization capacity of the trained network shows
potential and the network is competent to predict number of zombies involved in a
DDoS attack with very less test error (Gupta et al.
2012
). Genetic Algorithm has
successfully applied on NSL-KDD data set (Aziz et al.
2014
). Research has
revealed high accuracy and good detection rates but with moderate false alarm on
novel attacks by the implementing Genetic Algorithms, Support Vector Machines,
Neural Networks etc. (Abdel-Aziz et al.
2013
; Zainaddin et al.
2013
). In a research
it is established that PSO outperforms GA both in population size and number of
evolutions and can converge faster. Comparing PSO with some other machine
learning algorithm it was found that PSO perform better in terms of detection rate,
false alarm rate, and cost per example (Sheikhan and Sharifi
2013
).
IDS development using Self Organization Map (SOM) neural network, has been
successfully detected anomalies (Xiang et al.
2013
). Comparative result analysis of
SOM implementation based on several performance metrics revealed that detection
rate for KDD 99 dataset was 92.37 %, while detection rate for NSL-KDD dataset
was 75.49 % (Ibrahim et al.
2013
).
ART2 neural network experiments with IDS demonstrated that the model
effectively improved detection accuracy and decreased false alarm rate compared
with the static learning intrusion detection method based on SVM (Liu
2013
).
Fuzzy adaptive resonance theory-based neural network (ARTMAP) has been used
as a misuse detector (Sheikhan and Sharifi
2011
).
In majority of the research ANNs has improved the performance of intrusion
detection systems (IDS) when evaluated with traditional approaches. However for
ANN-based IDS, detection precision, especially for low-frequent attacks, and
detection stability are still required to be improved. FC-ANN approach, based on
ANN and fuzzy clustering, has demonstrated to solve IDS that achieved higher
detection rate, less false positive rate and stronger stability. Experimental outcomes
on the KDD CUP 1999 dataset showed that FC-ANN approach outperforms BPNN
and other well-known approaches like decision tree, the naive Bayes in terms of
detection precision and detection stability (Wang et al.
2010
).
Search WWH ::
Custom Search