A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security

  • Chapter
Computation, Cryptography, and Network Security

Abstract

Confidentiality, integrity, and availability of military information are crucial and critical factors for a country's national security. The security of military information systems (MIS) and networks (MNET) is a subject of continuous research and design, because they manage, store, manipulate, and distribute that information. This study presents a bio-inspired hybrid artificial intelligence framework for cyber security (bioHAIFCS). The framework combines timely and bio-inspired machine learning methods suitable for the protection of critical network applications, namely military information systems, applications, and networks. More specifically, it combines (a) the hybrid evolving spiking anomaly detection model (HESADM), which is used to prevent, in time and accurately, cyber-attacks that cannot be avoided by using passive security measures, namely firewalls; (b) the evolving computational intelligence system for malware detection (ECISMD), which spots and isolates malware located in packed executables untraceable by antivirus; and (c) the evolutionary prevention system from SQL injection (ePSSQLI) attacks, which early and smartly forecasts attacks that use SQL injection methods.

Author information

Corresponding author

Correspondence to Konstantinos Demertzis.

Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Demertzis, K., Iliadis, L. (2015). A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security. In: Daras, N., Rassias, M. (eds) Computation, Cryptography, and Network Security. Springer, Cham. https://doi.org/10.1007/978-3-319-18275-9_7
