A hybrid intelligent HIDS model using two-layer genetic algorithm and neural network

Torkaman, Atefeh; Javadzadeh, Ghazaleh; Bahrololum, Marjan

doi:10.1109/ikt.2013.6620045

Cited by 10 publications

(6 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Controlling the network flow is the responsibility of the network-based defence system. However, a host-based defence system combats against upcoming data in a workstation/computer by a firewall and other defence mechanisms installed on a host [414,415]. As discussed in section II-A, there are four major categories of attacks for instruction detection purposes, including Denial of Service (DoS), Phishing/Scanning/Probe, Remote to Local (R2L), and User to Root (U2R).…”

Section: ) Techniques and Methodsmentioning

confidence: 99%

A Survey on Machine Learning Techniques for Cyber Security in the Last Decade

et al. 2020

View full text Add to dashboard Cite

Pervasive growth and usage of the Internet and mobile applications have expanded cyberspace. The cyberspace has become more vulnerable to automated and prolonged cyberattacks. Cyber security techniques provide enhancements in security measures to detect and react against cyberattacks. The previously used security systems are no longer sufficient because cybercriminals are smart enough to evade conventional security systems. Conventional security systems lack efficiency in detecting previously unseen and polymorphic security attacks. Machine learning (ML) techniques are playing a vital role in numerous applications of cyber security. However, despite the ongoing success, there are significant challenges in ensuring the trustworthiness of ML systems. There are incentivized malicious adversaries present in the cyberspace that are willing to game and exploit such ML vulnerabilities. This paper aims to provide a comprehensive overview of the challenges that ML techniques face in protecting cyberspace against attacks, by presenting a literature on ML techniques for cyber security including intrusion detection, spam detection, and malware detection on computer networks and mobile networks in the last decade. It also provides brief descriptions of each ML method, frequently used security datasets, essential ML tools, and evaluation metrics to evaluate a classification model. It finally discusses the challenges of using ML techniques in cyber security. This paper provides the latest extensive bibliography and the current trends of ML in cyber security.

show abstract

Section: ) Techniques and Methodsmentioning

confidence: 99%

A Survey on Machine Learning Techniques for Cyber Security in the Last Decade

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Based on the location of the information sources, IDPS can be categorized as host based or network based approach [64]. Host based Intrusion Detection System (HIDS) checks for suspicious activity at the host level [65]. A Network based Intrusion Detection System (NIDS) checks for intrusions in the network traffic at gateway and routers by analyzing network protocol activities [66].…”

Section: Background On Malware and Malware Variantsmentioning

confidence: 99%

A Review on Android Malware: Attacks, Countermeasures and Challenges Ahead

Selvaganapathy

Sadasivam

Ravi

2021

JCSANDM

View full text Add to dashboard Cite

Smartphones usage have become ubiquitous in modern life serving as a double-edged sword with opportunities and challenges in it. Along with the benefits, smartphones also have high exposure to malware. Malware has progressively penetrated thereby causing more turbulence. Malware authors have become increasingly sophisticated and are able to evade detection by anti-malware engines. This has led to a constant arms race between malware authors and malware defenders. This survey converges on Android malware and covers a walkthrough of the various obfuscation attacks deployed during malware analysis phase along with the myriad of adversarial attacks operated at malware detection phase. The review also unscrambles the difficulties currently faced in deploying an on-device, lightweight malware detector. It sheds spotlight for researchers to perceive the current state of the art techniques available to fend off malware along with suggestions on possible future directions

show abstract

“…The misuse detection method, which is used in a signature-based (or knowledge-based) HIDS, is effective in detecting known attack vectors; nevertheless, it is vulnerable to attacks from unknown attack vectors. Therefore, there is a need for the anomaly detection methods [8,9]. In particular, anomaly detection methods define and detect any anomalies that deviate from normal behavior patterns based on existing network usage scenarios, internal system calls, and so on.…”

Section: Introductionmentioning

confidence: 99%

Comparison of Anomaly Detection Accuracy of Host-based Intrusion Detection Systems based on Different Machine Learning Algorithms

Shin¹,

Kim²

2020

IJACSA

View full text Add to dashboard Cite

Among the different host-based intrusion detection systems, an anomaly-based intrusion detection system detects attacks based on deviations from normal behavior; however, such a system has a low detection rate. Therefore, several studies have been conducted to increase the accurate detection rate of anomaly-based intrusion detection systems; recently, some of these studies involved the development of intrusion detection models using machine learning algorithms to overcome the limitations of existing anomaly-based intrusion detection methodologies as well as signature-based intrusion detection methodologies. In a similar vein, in this study, we propose a method for improving the intrusion detection accuracy of anomaly-based intrusion detection systems by applying various machine learning algorithms for classification of normal and attack data. To verify the effectiveness of the proposed intrusion detection models, we use the ADFA Linux Dataset which consists of system call traces for attacks on the latest operating systems. Further, for verification, we develop models and perform simulations for host-based intrusion detection systems based on machine learning algorithms to detect and classify anomalies using the Arena simulation tool.

show abstract

A hybrid intelligent HIDS model using two-layer genetic algorithm and neural network

Cited by 10 publications

References 12 publications

A Survey on Machine Learning Techniques for Cyber Security in the Last Decade

A Survey on Machine Learning Techniques for Cyber Security in the Last Decade

A Review on Android Malware: Attacks, Countermeasures and Challenges Ahead

Comparison of Anomaly Detection Accuracy of Host-based Intrusion Detection Systems based on Different Machine Learning Algorithms

Contact Info

Product

Resources

About