Abstract
An Intrusion Detection System (IDS) can be defined as a group of tools, methods and resources that help us predict or identify any unauthorized activity in a network. Current IDSs are mainly based on heuristic rules, called signatures, to detect intrusions in a network environment. The drawback of this approach is that it can only detect attacks that are already known and referenced. By contrast, behavioral (or anomaly-based) intrusion detection assumes that attacks cause abnormal use of resources or manifest as strange behavior on the part of the user; by studying the behavior of the different types of network traffic, it can identify both known and unknown attacks using a machine learning algorithm. This study proposes a new behavioral approach to intrusion detection based on the combination of APSO (Accelerated Particle Swarm Optimization) and SVM (Support Vector Machine) to develop a model for IDS. The simulation results show a significant improvement in performance; all tests were carried out with the NSL-KDD data set. In comparison with other methods based on the same dataset, the proposed model shows high detection performance.
Acknowledgements
This work is supported in part by the High School of Technology, Moulay Ismail University Meknes, which provided the computing station on which we ran our experiments.
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Moukhafi, M., Bri, S., El Yassini, K. (2019). Intrusion Detection System Based on a Behavioral Approach. In: Talbi, EG., Nakib, A. (eds) Bioinspired Heuristics for Optimization. Studies in Computational Intelligence, vol 774. Springer, Cham. https://doi.org/10.1007/978-3-319-95104-1_4
DOI: https://doi.org/10.1007/978-3-319-95104-1_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-95103-4
Online ISBN: 978-3-319-95104-1
eBook Packages: Intelligent Technologies and Robotics (R0)