Intrusion Detection Systems Using Adaptive Regression Splines

Past few years have witnessed a growing recognition of intelligent techniques for the construction of efficient and reliable intrusion detection systems. Due to increasing incidents of cyber attacks, building effective intrusion detection systems (IDS) are essential for protecting information systems security, and yet it remains an elusive goal and a great challenge. In this paper, we report a performance analysis between Multivariate Adaptive Regression Splines (MARS), neural networks and support vector machines. The MARS procedure builds flexible regression models by fitting separate splines to distinct intervals of the predictor variables. A brief comparison of different neural network learning algorithms is also given

ANTIDS: Self-Organized Ant-based Clustering Model for Intrusion Detection System

Security of computers and the networks that connect them is increasingly becoming of great significance. Computer security is defined as the protection of computing systems against threats to confidentiality, integrity, and availability. There are two types of intruders: the external intruders who are unauthorized users of the machines they attack, and internal intruders, who have permission to access the system with some restrictions. Due to the fact that it is more and more improbable to a system administrator to recognize and manually intervene to stop an attack, there is an increasing recognition that ID systems should have a lot to earn on following its basic principles on the behavior of complex natural systems, namely in what refers to self-organization, allowing for a real distributed and collective perception of this phenomena. With that aim in mind, the present work presents a self-organized ant colony based intrusion detection system (ANTIDS) to detect intrusions in a network infrastructure. The performance is compared among conventional soft computing paradigms like Decision Trees, Support Vector Machines and Linear Genetic Programming to model fast, online and efficient intrusion detection systems.Comment: 13 pages, 3 figures, Swarm Intelligence and Patterns (SIP)- special track at WSTST 2005, Muroran, JAPA

Knot Flow Classification and its Applications in Vehicular Ad-Hoc Networks (VANET)

Intrusion detection systems (IDSs) play a crucial role in the identification and mitigation for attacks on host systems. Of these systems, vehicular ad hoc networks (VANETs) are difficult to protect due to the dynamic nature of their clients and their necessity for constant interaction with their respective cyber-physical systems. Currently, there is a need for a VANET-specific IDS that meets this criterion. To this end, a spline-based intrusion detection system has been pioneered as a solution. By combining clustering with spline-based general linear model classification, this knot flow classification method (KFC) allows for robust intrusion detection to occur. Due its design and the manner it is constructed, KFC holds great potential for implementation across a distributed system. The purpose of this thesis was to explain and extrapolate the afore mentioned IDS, highlight its effectiveness, and discuss the conceptual design of the distributed system for use in future research

Spline Based Intrusion Detection in Vehicular Ad Hoc Networks (VANET)

Intrusion detection systems (IDSs) play a crucial role in the identification and mitigation for attacks on host systems. Of these systems, vehicular ad hoc networks (VANETs) are particularly difficult to protect due to the dynamic nature of their clients and their necessity for constant interaction with their respective cyber-physical systems. Currently, there is a need for a VANET-specific IDS that can satisfy these requirements. Spline function-based IDSs have shown to be effective in traditional network settings. By examining the various construction of splines and testing their robustness, the viability for a spline-based IDS can be determined

Building A Malware Finding System Using A Filter-Based Feature Selection Algorithm

Flexible Mutual Information Feature Selection is another supervised filter-based feature selection formula that has recently been proposed. With FMIFS, there's no doubt about it, MIFS and MMIFS are outdated. According to FMIFS, a revision to Battiti's formula would help cut down on redundancy among features. Redundancy parameters are no longer required in MIFS and MMIFS because of FMIFS. MIFS and MMIFS are unquestionably better alternatives to FMIFS. Based on the advice of FMIFS, Battiti's formula should be updated to minimize redundancy. In FMIFS, the redundant parameter is eliminated and it results in MIFS and MMIFS. None of the existing technologies are capable of fully safeguarding the internet software and operating networks against threats like DoS attacks, spyware, and adware. Incredible amounts of network traffic pose a major obstacle to IDSs. Our function selection formula contributed significantly more important functionality to LSSVM-IDS in regards to improving LSSVM-IDS' accuracy while minimizing the use of computation in comparison to other approaches. This feature selection method is especially suitable for features that are dependent on either a linear or nonlinear relationship. To provide accurate classification, we have provided a formula based on mutual knowledge, which mathematically selects the perfect function. Its utility is measured by taking into account the use of network intrusion detection. Data with redundant and irrelevant functionality has created a long-term traffic condition. It not only slows the overall classification process, but it also impedes classifiers from making correct decisions, specifically when handling large amounts of data

Mathematical and Statistical Opportunities in Cyber Security

The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question "What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics?" Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences