
Bioinspired Intrusion Detection in ITC Infrastructures

  • Conference paper
Technological Transformation: A New Role For Human, Machines And Management (TT 2020)

Abstract

The paper discusses the application of bioinspired sequence alignment algorithms to the detection of security intrusions. The Needleman-Wunsch and Smith-Waterman algorithms are reviewed and applied to detect regions of similarity in operational chains. Our work proposes their use to protect new digital infrastructures. The first algorithm makes it possible to detect polymorphic intrusions; the second is applicable to anomaly detection. An experimental study is reported for the Smith-Waterman algorithm applied to the detection of CVE vulnerabilities, with higher accuracy than a traditional technique.
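To make "regions of similarity in operational chains" concrete, the following added example (not code from the paper or its authors) runs Smith-Waterman local alignment between a reference chain and an observed chain and reports the best-matching region. The scoring values, the operation names and both sample chains are assumptions constructed for illustration.

```python
# Added illustration: Smith-Waterman local alignment over operation chains.
# Assumed scoring scheme (not taken from the paper).
MATCH, MISMATCH, GAP = 2, -1, -1

# Constructed sample data: a reference chain and an observed chain that
# contains it with one extra operation inserted and unrelated ones around it.
PATTERN = ["open", "mmap", "write", "exec"]
TRACE = ["read", "open", "stat", "mmap", "write", "exec", "close"]

def smith_waterman(pattern, trace):
    """Return (best_score, pairs) for the best local alignment.

    pairs is a list of (pattern_op, trace_op); None marks a gap.
    """
    rows, cols = len(pattern) + 1, len(trace) + 1
    H = [[0] * cols for _ in range(rows)]
    best, best_pos = 0, (0, 0)
    for i in range(1, rows):
        for j in range(1, cols):
            sub = MATCH if pattern[i - 1] == trace[j - 1] else MISMATCH
            # Local alignment: a cell never drops below zero.
            H[i][j] = max(0, H[i - 1][j - 1] + sub,
                          H[i - 1][j] + GAP, H[i][j - 1] + GAP)
            if H[i][j] > best:
                best, best_pos = H[i][j], (i, j)
    # Trace back from the highest-scoring cell until a zero cell is reached.
    i, j = best_pos
    pairs = []
    while i > 0 and j > 0 and H[i][j] > 0:
        sub = MATCH if pattern[i - 1] == trace[j - 1] else MISMATCH
        if H[i][j] == H[i - 1][j - 1] + sub:
            pairs.append((pattern[i - 1], trace[j - 1]))
            i, j = i - 1, j - 1
        elif H[i][j] == H[i - 1][j] + GAP:
            pairs.append((pattern[i - 1], None))
            i -= 1
        else:
            pairs.append((None, trace[j - 1]))
            j -= 1
    pairs.reverse()
    return best, pairs

def similarity(pattern, trace):
    """Best local score divided by the maximum score the pattern can reach."""
    score, _ = smith_waterman(pattern, trace)
    return score / (MATCH * len(pattern)) if pattern else 0.0

if __name__ == "__main__":
    print(smith_waterman(PATTERN, TRACE), similarity(PATTERN, TRACE))
```

The inserted `stat` operation costs one gap penalty instead of breaking the match, which is the property an exact subsequence comparison lacks.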

Acknowledgments

The reported study was funded by RFBR according to the research project №18-29-03102.

Project results are achieved using the resources of the supercomputer center of Peter the Great St. Petersburg Polytechnic University – SCC “Polytechnichesky” (www.spbstu.ru).

Corresponding author

Correspondence to Maxim Kalinin.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Lim, S., Kalinin, M., Zegzhda, P. (2021). Bioinspired Intrusion Detection in ITC Infrastructures. In: Schaumburg, H., Korablev, V., Ungvari, L. (eds) Technological Transformation: A New Role For Human, Machines And Management. TT 2020. Lecture Notes in Networks and Systems, vol 157. Springer, Cham. https://doi.org/10.1007/978-3-030-64430-7_2
