By Topic

Hybrid of rough set theory and Artificial Immune Recognition System as a solution to decrease false alarm rate in intrusion detection system

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Sabri, F.N.M. ; Fac. of Sci. & Technol, Univ. Sains, Nilai, Malaysia ; Norwawi, N.M. ; Seman, K.

Denial of Service (DoS) attacks is one of the security threats for computer systems and applications. It usually make use of software bugs to crash or freeze a service or network resource or bandwidth limits by making use of a flood attack to saturate all bandwidth. Predicting a potential DOS attacks would be very helpful for an IT departments or managements to optimize the security of intrusion detection system (IDS). Nowadays, false alarm rates and accuracy become the main subject to be addressed in measuring the effectiveness of IDS. Thus, the purpose of this work is to search the classifier that is capable to reduce the false alarm rates and increase the accuracy of the detection system. This study applied Artificial Immune System (AIS) in IDS. However, this study has been improved by using integration of rough set theory (RST) with Artificial Immune Recognition System 1 (AIRS1) algorithm, (Rough-AIRS1) to categorize the DoS samples. RST is expected to be able to reduce the redundant features from huge amount of data that is capable to increase the performance of the classification. Furthermore, AIS is an incremental learning approach that will minimize duplications of cases in a knowledge based. It will be efficient in terms of memory storage and searching for similarities in Intrusion Detection (IDS) attacks patterns. This study use NSL-KDD 20% train dataset to test the classifiers. Then, the performances are compared with single AIRS1 and J48 algorithm. Results from these experiments show that Rough-AIRS1 has lower number of false alarm rate compared to single AIRS but a little bit higher than J48. However, accuracy for this hybrid technique is slightly lower compared to others.

Published in:

Information Assurance and Security (IAS), 2011 7th International Conference on

Date of Conference:

5-8 Dec. 2011