Abstract
The paper discusses the application of bioinspired sequence alignment algorithms to the detection of security intrusions. The Needleman-Wunsch and Smith-Waterman algorithms are reviewed and applied to detect regions of similarity in operational chains. Our work proposes their use to protect new digital infrastructures. The first algorithm makes it possible to detect polymorphic intrusions; the second is applicable to anomaly detection. An experimental study applies the Smith-Waterman algorithm to the detection of CVE vulnerabilities, with higher accuracy than a traditional technique.
Acknowledgments
The reported study was funded by RFBR according to the research project №18-29-03102.
Project results are achieved using the resources of the supercomputer center of Peter the Great St. Petersburg Polytechnic University – SCC “Polytechnichesky” (www.spbstu.ru).
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Lim, S., Kalinin, M., Zegzhda, P. (2021). Bioinspired Intrusion Detection in ITC Infrastructures. In: Schaumburg, H., Korablev, V., Ungvari, L. (eds) Technological Transformation: A New Role For Human, Machines And Management. TT 2020. Lecture Notes in Networks and Systems, vol 157. Springer, Cham. https://doi.org/10.1007/978-3-030-64430-7_2
DOI: https://doi.org/10.1007/978-3-030-64430-7_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64429-1
Online ISBN: 978-3-030-64430-7
eBook Packages: Intelligent Technologies and Robotics (R0)