Intrusion detection systems detect attacks inside computers and networks, where the detection of the attacks must be in fast time and high rate. Various methods proposed achieved high detection rate, this was done either by improving the algorithm or hybridizing with another algorithm. However, they are suffering from the time, especially after the improvement of the algorithm and dealing with large traffic data. On the other hand, past researches have been successfully applied to the DNA sequences detection approaches for intrusion detection system; the achieved detection rate results were very low, on other hand, the processing time was fast. Also, feature selection used to reduce the computation and complexity lead to speed up the system. A new features selection method is proposed based on DNA encoding and on DNA keys positions. The current system has three phases, the first phase, is called pre-processing phase, which is used to extract the keys and their positions, the second phase is training phase; the main goal of this phase is to select features based on the key positions that gained from pre-processing phase, and the third phase is the testing phase, which classified the network traffic records as either normal or attack by using specific features. The performance is calculated based on the detection rate, false alarm rate, accuracy, and also on the time that include both encoding time and matching time. All these results are based on using two or three keys, and it is evaluated by using two datasets, namely, KDD Cup 99, and NSL-KDD. The achieved detection rate, false alarm rate, accuracy, encoding time, and matching time for all corrected KDD Cup records (311,029 records) by using two and three keys are equal to 96.97, 33.67, 91%, 325, 13 s, and 92.74, 7.41, 92.71%, 325 and 20 s, respectively. The results for detection rate, false alarm rate, accuracy, encoding time, and matching time for all NSL-KDD records (22,544 records) by using two and three keys are equal to 89.34, 28.94, 81.46%, 20, 1 s and 82.93, 11.40, 85.37%, 20 and 1 s, respectively. The proposed system is evaluated and compared with previous systems and these comparisons are done based on encoding time and matching time. The outcomes showed that the detection results of the present system are faster than the previous ones.
In modern years, internet and computers were used by many nations all overhead the world in different domains. So the number of Intruders is growing day-by-day posing a critical problem in recognizing among normal and abnormal manner of users in the network. Researchers have discussed the security concerns from different perspectives. Network Intrusion detection system which essentially analyzes, predicts the network traffic and the actions of users, then these behaviors will be examined either anomaly or normal manner. This paper suggested Deep analyzing system of NIDS to construct network intrusion detection system and detecting the type of intrusions in traditional network. The performance of the proposed system was evaluated by using
... Show MoreMost intrusion detection systems are signature based that work similar to anti-virus but they are unable to detect the zero-day attacks. The importance of the anomaly based IDS has raised because of its ability to deal with the unknown attacks. However smart attacks are appeared to compromise the detection ability of the anomaly based IDS. By considering these weak points the proposed
system is developed to overcome them. The proposed system is a development to the well-known payload anomaly detector (PAYL). By
combining two stages with the PAYL detector, it gives good detection ability and acceptable ratio of false positive. The proposed system improve the models recognition ability in the PAYL detector, for a filtered unencrypt
Nowadays, the rapid development of multi-media technology and digital images transmission by the Internet leads the digital images to be exposed to several attacks in the transmission process. Therefore, protection of digital images become increasingly important.
To this end, an image encryption method that adopts Rivest Cipher (RC4) and Deoxyribonucleic Acid (DNA) encoding to increase the secrecy and randomness of the image without affecting its quality is proposed. The Means Square Error (MSE), Peak Signal-to-Noise Ratio (PSNR), Coefficient Correlation (CC) and histogram analysis are used as an evaluation metrics to evaluate the performance of the proposed method. The results indicate that the proposed method is secure ag
... Show MoreImages hold important information, especially in military and commercial surveillance as well as in industrial inspection and communication. Therefore, the protection of the image from abuse, unauthorized access, and damage became a significant demand. This paper introduces a new Beta chaotic map for encrypting and confusing the color image with Deoxyribonucleic Acid (DNA) sequence. First, the DNA addition operation is used for diffusing each component of the plain image. Then, a new Beta chaotic map is used for shuffling the DNA color image. In addition, two chaotic maps, namely the proposed new Beta and Sine chaotic maps, are used for key generation. Finally, the DNA XOR operation is applied between the generated key and shuffled DNA i
... Show MoreIn recent years, with the growing size and the importance of computer networks, it is very necessary to provide adequate protection for users data from snooping through the use of one of the protection techniques: encryption, firewall and intrusion detection systems etc. Intrusion detection systems is considered one of the most important components in the computer networks that deal with Network security problems. In this research, we suggested the intrusion detection and classification system through merging Fuzzy logic and Artificial Bee Colony Algorithm. Fuzzy logic has been used to build a classifier which has the ability to distinguish between the behavior of the normal user and behavior of the intruder. The artificial bee colony al
... Show MoreThe prevalence of using the applications for the internet of things (IoT) in many human life fields such as economy, social life, and healthcare made IoT devices targets for many cyber-attacks. Besides, the resource limitation of IoT devices such as tiny battery power, small storage capacity, and low calculation speed made its security a big challenge for the researchers. Therefore, in this study, a new technique is proposed called intrusion detection system based on spike neural network and decision tree (IDS-SNNDT). In this method, the DT is used to select the optimal samples that will be hired as input to the SNN, while SNN utilized the non-leaky integrate neurons fire (NLIF) model in order to reduce latency and minimize devices
... Show MoreThe prevalence of using the applications for the internet of things (IoT) in many human life fields such as economy, social life, and healthcare made IoT devices targets for many cyber-attacks. Besides, the resource limitation of IoT devices such as tiny battery power, small storage capacity, and low calculation speed made its security a big challenge for the researchers. Therefore, in this study, a new technique is proposed called intrusion detection system based on spike neural network and decision tree (IDS-SNNDT). In this method, the DT is used to select the optimal samples that will be hired as input to the SNN, while SNN utilized the non-leaky integrate neurons fire (NLIF) model in order to reduce latency and minimize devices
... Show MoreFeature selection algorithms play a big role in machine learning applications. There are several feature selection strategies based on metaheuristic algorithms. In this paper a feature selection strategy based on Modified Artificial Immune System (MAIS) has been proposed. The proposed algorithm exploits the advantages of Artificial Immune System AIS to increase the performance and randomization of features. The experimental results based on NSL-KDD dataset, have showed increasing in performance of accuracy compared with other feature selection algorithms (best first search, correlation and information gain).
Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is ope
... Show More