A Two Level Network Intrusion Detection System for MANET

International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)

Abstract

Intrusion detection has been the major necessities of the current information rich computing environment. Major challenges facing intrusion detection systems include the huge size of data to be analyzed and the ever -changing attack types. In order to enforce high protection levels against threats, a number of software tools are currently developed. In this paper, two grains levels intrusion detection system (IDS) is suggested (fine-grained and coarse-grained). In normal case, where intrusions are not detected, the most suitable IDS level is the coarse-grained to increase IDS performance. As soon as any intrusion is detected by coarse-grained IDS, the fine-grained is activated to detect the possible attack details. Very fast decision tree algorithm is used in both of these detection levels. Experimental results demonstrate that the proposed model is highly successful in detecting known and unknown attacks, and can be successfully adapted with packets' flow to increase IDS performance.

References

[1] R. Perdisci, G. Giacinto, F. Roli, Alarm clustering for intrusion detection systems in computer networks, J. Eng. Appl. Artif. Intell. 19 (2006) 429e438.

[2] D. Pedro, H. Geoff, Mining high speed data streams, in: ACM SIGKDD Conference on Knowledge Discovery and Data Mining, 2000, pp. 71e80.

[3] Mohammed M. Mazid, M. Shawkat Ali, Kevin S. Tickle, A comparison between rule based and association rule mining algorithms, in: 3rd IEEE International Conference on Network and System Security, 2009, pp. 452e455.

[4] G. Radhika, S. Anjali, C.J. Ramesh, Parallel misuse and anomaly detection model, Int. J. Netw. Secur. 14 (4) (2012) 211e225.

[5] P. Mrutyunjaya, R.P. Manas, Evaluating machine learning algorithms for detecting network intrusions, Int. J. Recent Trends Eng. 1 (1) (2009).

[6] Dewan M. Farid, H. Nouria, B. Emna, Z.R. Mohammad, M.R. Chowdhury, Attacks classification in adaptive intrusion detection using decision tree, World Acad. Sci. Eng. Technol.(2010) 27e44.

[7] A.N. Huy, D. Choi, Application of data mining to network intrusion detection: classifier selection model, in: Asia-Pacific Network Operation and Management Symposium, SpringerVerlag, Berlin, Heidelberg, 2008, pp. 399e406.

[8] M. Adnan, B. Abdulazeez, S.I. Adel, Intrusion detection and attack classifier based on three techniques, A Comp. Study. Eng. Technol. J. 29 (2) (2011) 233e254.

[9] M.F. Kamel, B. Aoued, Securing network traffic using genetically evolved transformations, Malays. J. Comput. Sci. 19 (2006) 3e23.

[10] S. Staniford, J.A. Hoagland, J.M. McAlerney, Practical automated detection of stealthy portscans, J. Comput. Secur. 10 (1e2) (2002) 105e136.

[11] . Eskin, A. Arnold, M. Preraua, L. Portnoy, S.J. Stolfo, A geometric framework for unsupervised anomaly detection: detecting intrusions in unlabeled data, in: D. Barbar, S. Jajodia(Eds.), Data Mining for Security Applications, Kluwer Academic Publishers, Boston, 2002.

[12] A. Honig, A. Howard, E. Eskin, S.J. Stolfo, Adaptive model generation: an architecture for the deployment of data mining based intrusion detection systems, in: D. Barbar, S. Jajodia (Eds.), Data Mining for Security Applications, Kluwer Academic Publishers, Boston, 2002.

[13] J. Luo, Integrating Fuzzy Logic with Data Mining Methods for Intrusion Detection, Mississippi State University, 1999 (Master thesis).

[14] T. Chen, P. Chen, T. Wang, Y. Chiu, S. Lai, Integrated multilevel intrusion detection and report system, in: Proceedings of the Fifth International Conference on Electronic Business,Hong Kong, 2005, pp. 463e469.

[15]Y. Al-Nashif, Multi-level Anomaly Based Autonomic Intrusion Detection System, University of Arizona, 2008 (PhD dissertation).

Keywords

Network security; Intrusion detection system; Classification; Very fast decision tree algorithm, Manet, Mac