A Novel Intelligent Intrusion Detection, Decision, Response System.

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences (Impact Factor: 0.24). 06/2006; 89-A:1630-1637. DOI: 10.1093/ietfec/e89-a.6.1630
Source: DBLP

ABSTRACT: This paper proposed a novel intelligent intrusion detection, decision, response system with fuzzy theory. This system utilized two essential pieces of information, times and time, of the failed login to decide automatically whether this login is a misuse user, much as experienced system/security administrators would. The database of this system isn't pre-established before working but is built and updated automatically during working. And this system is not only a notification system but gives an exact and rapid decision and response to a misuse.

  • ABSTRACT: Neural networks, which have good learning and associative memory abilities, have been widely applied to various fields. In this paper, we employed the Back Propagation Neural Network (BPNN) to replace the fuzzy methods of the Intelligent Intrusion Detection, Decision, Response System (IIDDRS) to decide the intrusion. Through this improvement the processing of the system was simplified and the performance of the system was enhanced in the Intrusion Decision. The efficiency of these improvements was confirmed with the experiments.
    Intelligent Networks and Intelligent Systems, International Workshop on. 01/2008;
  • ABSTRACT: Due to the rapid growth of network technologies and substantial improvement in attack tools and techniques, a distributed intrusion detection system (dIDS) is required to allocate multiple IDSs across a network to monitor security events and to collect data. However, dIDS architectures suffer from many limitations such as the lack of a central analyzer and a heavy network load. In this paper, we propose a new architecture for dIDS, called a collaborative architecture for dIDS (C-dIDS), to overcome these limitations. The C-dIDS contains a one-level hierarchy dIDS with a non-central analyzer. To make the detection decision for a specific IDS module in the system, this IDS module needs to collaborate with the IDS in the lower level of the hierarchy. Cooperating with the lower-level IDS module improves the system accuracy with less network load (just one bit of information). Moreover, by using one hierarchy level, there is no central management and processing of data, so there is no chance for a single point of failure. We have examined the feasibility of our dIDS architecture by conducting several experiments using the DARPA dataset. The experimental results indicate that the proposed architecture can deliver satisfactory system performance with less network load.
    Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009. IEEE Symposium on; 08/2009
  • ABSTRACT: This paper deals with a combination of work in the fields of artificial intelligence and computer security. It describes a decision model based on a new genetic algorithm approach for intrusion response system (NGAA-IRS). A brief survey of intrusion detection and response system (IDRS), genetic algorithm (GA), and its application to IDRS are presented. Then, the proposed model, parameters and evolution process for GA are discussed in detail. The model is characterized by a new implementation of individual structure based on a matrix of response-resource entries and a fitness function based on a cost-benefit approach for selecting the appropriate solution. These features are specific to the NGAA-IRS model and have not been used in other implementations before.
    Computers and Communications, 2009. ISCC 2009. IEEE Symposium on; 08/2009