A NETWORK INTRUSION DETECTION SYSTEM BASED ON ARTIFICIAL INTELLIGENCE AND SEMANTIC WEB TECHNIQUES

Andrei ZAMFIRA, Horia CIOCARLIE

Abstract


This paper proposes an intrusion detection system (IDS) that makes use of some of the newest and most innovative technologies that have begun to be used in this field, namely those from Artificial Intelligence and the Semantic Web. From the first category the most important are multi-agent and clustering techniques, and from the latter, ontologies. The main objective of the current work is to overcome the problems of traditional IDSs, which use a centralized architecture to detect attacks, by employing a distributed approach, thus avoiding all the problems inherent in that architecture, as described in more detail in the article. The proposed solution combines multi-agent technology with a semantic data model and a data mining algorithm. Experiments were performed and the results were compared with two other IDSs from the literature, one centralized and one distributed, in terms of two functional requirements: scalability and detection accuracy.



