Research Article

A Hybrid Snort-Negative Selection Network Intrusion Detection Technique

by Tarek M. Mahmoud, Abdelmgeid A. Ali, Hussein M. Elshafie
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 146 - Number 5
Year of Publication: 2016
DOI: 10.5120/ijca2016910703

Tarek M. Mahmoud, Abdelmgeid A. Ali, Hussein M. Elshafie. A Hybrid Snort-Negative Selection Network Intrusion Detection Technique. International Journal of Computer Applications. 146, 5 (Jul 2016), 24-31. DOI=10.5120/ijca2016910703

@article{ 10.5120/ijca2016910703,
author = { Tarek M. Mahmoud, Abdelmgeid A. Ali, Hussein M. Elshafie },
title = { A Hybrid Snort-Negative Selection Network Intrusion Detection Technique },
journal = { International Journal of Computer Applications },
issue_date = { Jul 2016 },
volume = { 146 },
number = { 5 },
month = { Jul },
year = { 2016 },
issn = { 0975-8887 },
pages = { 24-31 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume146/number5/25395-2016910703/ },
doi = { 10.5120/ijca2016910703 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:49:33.982560+05:30
%A Tarek M. Mahmoud
%A Abdelmgeid A. Ali
%A Hussein M. Elshafie
%T A Hybrid Snort-Negative Selection Network Intrusion Detection Technique
%J International Journal of Computer Applications
%@ 0975-8887
%V 146
%N 5
%P 24-31
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Network Intrusion Detection Systems (NIDSs) monitor computer networks to detect, identify and prevent malicious events that attempt to compromise the integrity, confidentiality or availability of those networks. NIDSs may be classified by detection technique into two types: "Signature-Based" and "Anomaly-Based". To increase the efficiency of the NIDS, a hybrid signature-anomaly NIDS based on both Snort and the negative selection algorithm is proposed. The 1999 DARPA data set is used to evaluate the efficacy of the proposed system. The experimental results show that the proposed system performs more efficiently than Snort on its own.

Index Terms

Computer Science
Information Sciences

Keywords

Signature Based, Anomaly Based, Snort, Negative Selection