Research Article

Filtering Intrusion Detection Alarms using Ant Clustering Approach

by Ghodhbani Salah, Jemili Farah
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 111 - Number 17
Year of Publication: 2015
Authors: Ghodhbani Salah, Jemili Farah
10.5120/19754-1048

Ghodhbani Salah, Jemili Farah. Filtering Intrusion Detection Alarms using Ant Clustering Approach. International Journal of Computer Applications. 111, 17 (February 2015), 1-5. DOI=10.5120/19754-1048

@article{ 10.5120/19754-1048,
author = { Ghodhbani Salah, Jemili Farah },
title = { Filtering Intrusion Detection Alarms using Ant Clustering Approach },
journal = { International Journal of Computer Applications },
issue_date = { February 2015 },
volume = { 111 },
number = { 17 },
month = { February },
year = { 2015 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {5},
url = { https://ijcaonline.org/archives/volume111/number17/19754-1048/ },
doi = { 10.5120/19754-1048 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%A Ghodhbani Salah
%A Jemili Farah
%T Filtering Intrusion Detection Alarms using Ant Clustering Approach
%J International Journal of Computer Applications
%@ 0975-8887
%V 111
%N 17
%P 1-5
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

With the growth of cyber attacks, information security has become an important issue worldwide. Many organizations rely on security technologies such as intrusion detection systems (IDSs) to manage IT security risk. IDSs are considered the last line of defense of a network and play an important role in detecting a large number of attacks. However, the main problem with today's most popular commercial IDSs is that they generate a high volume of alerts, a large share of which are false positives. This drawback has motivated much of the research in the IDS area. In this paper we present a data mining technique that helps network administrators analyze and reduce the false positive alarms produced by an IDS and thereby increase detection accuracy. The technique is an unsupervised clustering method based on a hybrid ant algorithm: the ant clustering phase discovers clusters of intruder behavior without prior knowledge of the number of classes, and a K-means phase is then applied to improve the convergence of the ant clustering. Experimental results on a real dataset show that the proposed approach is efficient, with a high detection rate and a low false alarm rate.
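The hybrid described in the abstract can be sketched in a few dozen lines. The Python below is an added illustration, not the authors' code: it implements Lumer-Faieta style ant clustering (items scattered on a toroidal grid, ants picking up isolated items and dropping them next to similar ones), turns the resulting spatial groups into a cluster count and seed centroids, and hands those to K-means for refinement, which is the role the abstract assigns to K-means. Everything concrete here is an assumption: the alert records and their three features (alerts per minute, distinct destination ports, mean payload bytes) are constructed, and the grid size, neighbourhood, alpha, k1 and k2 values are textbook-style defaults, not parameters reported by the paper.

```python
"""Ant clustering + K-means refinement of IDS alerts (illustrative example, not the paper's own code)."""
import math, random
from collections import Counter

def make_alerts():
    """Constructed records (signature, alerts/min, distinct dst ports, mean payload bytes); the signature is only used afterwards."""
    r = random.Random(7)
    web = [("HTTP policy", r.uniform(40, 60), r.uniform(1, 2), r.uniform(900, 1100)) for _ in range(12)]
    scan = [("portscan", r.uniform(200, 260), r.uniform(300, 400), r.uniform(0, 40)) for _ in range(10)]
    ssh = [("ssh brute", r.uniform(5, 10), r.uniform(1, 2), r.uniform(60, 120)) for _ in range(8)]
    return web + scan + ssh

def normalise(rows):
    """Min-max scale each column to [0, 1] so no single feature dominates the distance."""
    lo, hi = [min(c) for c in zip(*rows)], [max(c) for c in zip(*rows)]
    return [tuple((v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(r, lo, hi)) for r in rows]

def dist(a, b): return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))
def centroid(points): return tuple(sum(c) / len(points) for c in zip(*points))

def density(grid, pos, item, data, s, alpha, size):
    """Lumer-Faieta f(i): mean similarity of `item` to the items in the s x s cells around `pos`, clipped at 0."""
    h, total = s // 2, 0.0
    for dr in range(-h, h + 1):
        for dc in range(-h, h + 1):
            other = grid.get(((pos[0] + dr) % size, (pos[1] + dc) % size))   # grid wraps around
            if other is not None and other != item:
                total += 1.0 - dist(data[item], data[other]) / alpha
    return max(0.0, total / (s * s))

def p_pick(f, k1): return (k1 / (k1 + f)) ** 2          # isolated items (small f) get picked up
def p_drop(f, k2): return 2.0 * f if f < k2 else 1.0    # items are dropped where similar items lie

def ant_cluster(data, size=20, n_ants=10, iters=20000, s=3, alpha=0.5, k1=0.1, k2=0.15, seed=1):
    """Scatter the items on a toroidal grid and let ants sort them; returns {cell: item index}."""
    rng = random.Random(seed)
    cells = [(r, c) for r in range(size) for c in range(size)]
    grid = dict(zip(rng.sample(cells, len(data)), range(len(data))))
    ants = [[rng.choice(cells), None] for _ in range(n_ants)]        # [position, carried item]
    steps = [(a, b) for a in (-1, 0, 1) for b in (-1, 0, 1) if (a, b) != (0, 0)]
    for _ in range(iters):
        ant = rng.choice(ants)
        pos = ant[0]
        if ant[1] is None and pos in grid:
            if rng.random() < p_pick(density(grid, pos, grid[pos], data, s, alpha, size), k1):
                ant[1] = grid.pop(pos)
        elif ant[1] is not None and pos not in grid:
            if rng.random() < p_drop(density(grid, pos, ant[1], data, s, alpha, size), k2):
                grid[pos], ant[1] = ant[1], None
        dr, dc = rng.choice(steps)
        ant[0] = ((pos[0] + dr) % size, (pos[1] + dc) % size)
    for pos, load in ants:               # a still-loaded ant sets its item down on the nearest free cell
        if load is not None:
            grid[min((c for c in cells if c not in grid), key=lambda c: abs(c[0] - pos[0]) + abs(c[1] - pos[1]))] = load
    return grid

def grid_components(grid, size):
    """Items in touching cells (8-neighbourhood, wrapping) form one spatial cluster."""
    seen, comps = set(), []
    for start in grid:
        if start not in seen:
            seen.add(start)
            comps.append([])
            stack = [start]
            while stack:
                r, c = stack.pop()
                comps[-1].append(grid[(r, c)])
                for nb in (((r + dr) % size, (c + dc) % size) for dr in (-1, 0, 1) for dc in (-1, 0, 1)):
                    if nb in grid and nb not in seen:
                        seen.add(nb)
                        stack.append(nb)
    return comps

def kmeans(data, seeds, max_iter=500):
    """Lloyd's algorithm seeded with the ant clusters' centroids, so k comes from the ants, not the analyst."""
    centroids, labels = [tuple(c) for c in seeds], None
    for _ in range(max_iter):
        new = [min(range(len(centroids)), key=lambda j: dist(x, centroids[j])) for x in data]
        if new == labels:
            break
        labels = new
        for j in range(len(centroids)):
            members = [x for x, l in zip(data, labels) if l == j]
            if members:                  # an emptied cluster keeps its old centroid
                centroids[j] = centroid(members)
    return labels, centroids

def filter_alarms(alerts, **ant_kw):
    """normalise -> ant clustering -> K-means; returns one dense cluster label per alert."""
    data = normalise([a[1:] for a in alerts])
    comps = grid_components(ant_cluster(data, **ant_kw), ant_kw.get("size", 20))
    labels, _ = kmeans(data, [centroid([data[i] for i in comp]) for comp in comps])
    remap = {l: i for i, l in enumerate(sorted(set(labels)))}
    return [remap[l] for l in labels]

if __name__ == "__main__":
    alerts = make_alerts()
    labels = filter_alarms(alerts)
    for j in sorted(set(labels)):        # the analyst reviews one line per cluster, not one per alert
        print(f"cluster {j}:", dict(Counter(a[0] for a, l in zip(alerts, labels) if l == j)))
```

The point of the two-phase design is visible in `filter_alarms`: nobody chooses k. The ants decide how many piles exist, K-means only tidies the piles in feature space, and the analyst then judges a handful of cluster summaries (for example, suppressing a cluster that consists entirely of one chatty policy signature) instead of reading every alert. Because the ant phase is stochastic, the number of piles can vary between runs on the same data; any real deployment would fix the seed or run several passes and compare.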

References
  1. N. Mansour, M. I. Chehab and A. Faour (2009), "Filtering intrusion detection alarms," Cluster Computing, vol. 13, no. 1, pp. 19-29.
  2. P. Kazienko and P. Dorosz (2003), "Intrusion Detection Systems (IDS), Part 2: Classification, Methods and Techniques," IT FAQ.
  3. Ning and Xu (2003), "Learning attack strategies from intrusion alerts," Proc. 10th ACM Conf. on Computer and Communications Security, Washington, D.C., pp. 200-209.
  4. Kruegel, Robertson and Vigna (2004), "Using alert verification to identify successful intrusion attempts," Pract. Inf. Process. Commun. 27(4), pp. 220-228.
  5. Rachman (2005), "Baseline analysis of security data," Securimine Software Inc., www.securimine.com.
  6. Julisch and Dacier (2002), "Mining intrusion detection alarms for actionable knowledge," Proc. International Conference on Knowledge Discovery and Data Mining, Edmonton, Canada, pp. 366-375.
  7. Cuppens and Miege (2002), "Alert correlation in a cooperative intrusion detection framework," Proc. 23rd IEEE Symposium on Security and Privacy, pp. 202-215.
  8. Faour and Leray (2006), "Automated filtering of network intrusion detection alerts," Proc. 1st Joint Conf. on Security in Network Architectures and Security of Information Systems, Seignosse, France, pp. 277-291.
  9. Monmarche and Slimane (1999), "On improving clustering in numerical databases with artificial ants," Advances in Artificial Life, pp. 626-635.
  10. Deneubourg and Goss (1991), "The dynamics of collective sorting: robot-like ants and ant-like robots," Proc. First International Conference on Simulation of Adaptive Behavior: From Animals to Animats, MIT Press, Cambridge, MA, pp. 356-363.
  11. Lumer and Faieta (1994), "Diversity and adaptation in populations of clustering ants," in D. Cliff, P. Husbands, J.-A. Meyer and S. W. Wilson (eds.), From Animals to Animats 3: Proc. Third International Conference on Simulation of Adaptive Behavior, MIT Press, Cambridge, MA, pp. 501-508.
  12. Lumer and Faieta (1995), "Exploratory database analysis via self-organization."
  13. Gutowitz (1993), "Complexity-seeking ants," Proc. Third European Conference on Artificial Life.
  14. Ngenkaew and Ono (2008), "Pheromone-based concept in ant clustering," Proc. 3rd International Conf. on Intelligent System and Knowledge Engineering, pp. 308-312.
  15. Handl and Knowles (2003), "Ant-based clustering: a comparative study of its relative performance with respect to k-means, average link and 1D-SOM," Technical Report TR/IRIDIA/2003-24, Universite Libre de Bruxelles, Belgium.
  16. Brown and M. Huber (2010), "Pseudo-hierarchical ant-based clustering using automatic boundary formation and a heterogeneous agent hierarchy to improve ant-based clustering performance," IEEE International Conference on Systems, Man and Cybernetics, pp. 2016-2024.
  17. S. Li and W. Huang (2010), "An improved ant-colony clustering algorithm based on the innovational distance calculation formula," Third International Conference on Knowledge Discovery and Data Mining, pp. 342-346.
  18. H. Jiang and Q. Yu (2010), "An improved ant colony clustering algorithm," 3rd International Conference on Biomedical Engineering and Informatics, IEEE, pp. 2368-2372.
  19. I. El-Feghi and M. Errateeb (2009), "An adaptive ant-based clustering algorithm with improved environment perception," IEEE International Conference on Systems, Man, and Cybernetics, San Antonio, TX, USA, October 2009, pp. 1431-1438.
  20. Monmarche (1999), "On data clustering with artificial ants," in A. A. Freitas (ed.), Data Mining with Evolutionary Algorithms: Research Directions, Papers from the AAAI Workshop, AAAI Press, pp. 23-26.
Index Terms

Computer Science
Information Sciences

Keywords

Intrusion detection system, alarm filtering, ANTClass, ant clustering, intruders' behaviors, false alarms.