An Improved Ant-IS Algorithm for Intrusion Detection

An Improved Ant-IS Algorithm for Intrusion Detection

Amal Miloud-Aouidate (University of Science and Technology Houari Boumediene, Algiers, Algeria) and Ahmed Riadh Baba-Ali (University of Science and Technology Houari Boumediene, Algiers, Algeria)
Copyright: © 2014 |Pages: 14
DOI: 10.4018/ijamc.2014010104
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

During recent years, the number of attacks on networks has dramatically increased. Consequently the interest in network intrusion detection has increased among the researchers. This paper proposes a clustering Ant-IS and an active Ant colony optimization algorithms for intrusion detection in computer networks. The goal of these algorithms is to extract a set of learning instances from the initial training dataset. The proposed algorithms are an improvement of the previously presented Ant-IS algorithm, used is pattern recognition. Results of experimental tests show that the proposed algorithms are capable of producing a reliable intrusion detection system.
Article Preview

Recently, data mining is becoming an important component in intrusion detection systems (Li, 2009). IDES (Denning, 1987) is the first model of IDS. This model uses statistical techniques to characterize abnormal behavior and is based on rules to detect violations. NIDES (Javits and7 Valdes, 1993) are the successor of the IDES project. It has a strong base of anomaly detection, complemented with a component-based expert system signature. MADAM ID (Lee et al., 1998) is one of the best known data mining projects in intrusion detection. It is an off-line IDS using Association rules and frequent episodes. MADAM ID permits to replace hand-coded intrusion patterns and profiles with the learned rules. ADAM (Audit Data Analysis and Mining) (Barbara et al., 2001) is an on-line network based IDS. It allows detecting known attacks as well as unknown attacks. ADAM uses association rules and classification. IDDM (Abraham, 2001) is a real-time NIDS for misuse and anomaly detection. It applies association rules, Meta rules, and characteristic rules.

Common representations for data mining techniques have been proposed for intrusion detection and made great success. These techniques include neural networks (Lippmann, 2000), Support Vector Machine (SVM) (Eskin, 2002; Mukkamala, 2002) and neighbor-hood based classification (Law and7 Kwok, 2005; Li and7 Guo, 2007; Liao and7 Vemuri, 2002; Li, 2009; Xiang et al., 2008; Kuang and7 Zulkernine, 2008; Shirazi, 2009; Shirazi and7 Kalaji, 2010; Shirazi et al., 2012; Tsai and7 Lin 2010; Muda et al., 2011; Wang, 2011; Deepika and7 Richhariya, 1999; Natesan and7 Balasubramanie, 2012).

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 9: 4 Issues (2018): 1 Released, 3 Forthcoming
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing