Clustering algorithms have recently gained attention in the related literature since
they can help current intrusion detection systems in several aspects. This paper
proposes genetic algorithm (GA) based clustering, serving to distinguish patterns
incoming from network traffic packets into normal and attack. Two GA based
clustering models for solving intrusion detection problem are introduced. The first
model coined as handles numeric features of the network packet, whereas
the second one coined as concerns all features of the network packet.
Moreover, a new mutation operator directed for binary and symbolic features is
proposed. The basic concept of proposed mutation operator depends on the most
frequent value

Until recently, researchers have utilized and applied various techniques for intrusion detection system (IDS), including DNA encoding and clustering that are widely used for this purpose. In addition to the other two major techniques for detection are anomaly and misuse detection, where anomaly detection is done based on user behavior, while misuse detection is done based on known attacks signatures. However, both techniques have some drawbacks, such as a high false alarm rate. Therefore, hybrid IDS takes advantage of combining the strength of both techniques to overcome their limitations. In this paper, a hybrid IDS is proposed based on the DNA encoding and clustering method. The proposed DNA encoding is done based on the UNSW-NB15

Intrusion-detection systems (IDSs) aim at detecting attacks against computer systems and networks or, in general, against information systems. Most of the diseases in human body are discovered through Deoxyribonucleic Acid (DNA) investigations. In this paper, the DNA sequence is utilized for intrusion detection by proposing an approach to detect attacks in network. The proposed approach is a misuse intrusion detection that consists of three stages. First, a DNA sequence for a network traffic taken from Knowledge Discovery and Data mining (KDD Cup 99) is generated. Then, Teiresias algorithm, which is used to detect sequences in human DNA and assist researchers in decoding the human genome, is used to discover the Shortest Tandem Repeat (S

Recent research has shown that a Deoxyribonucleic Acid (DNA) has ability to be used to discover diseases in human body as its function can be used for an intrusion-detection system (IDS) to detect attacks against computer system and networks traffics. Three main factor influenced the accuracy of IDS based on DNA sequence, which is DNA encoding method, STR keys and classification method to classify the correctness of proposed method. The pioneer idea on attempt a DNA sequence for intrusion detection system is using a normal signature sequence with alignment threshold value, later used DNA encoding based cryptography, however the detection rate result is very low. Since the network traffic consists of 41 attributes, therefore we proposed the

With the high usage of computers and networks in the current time, the amount of security threats is increased. The study of intrusion detection systems (IDS) has received much attention throughout the computer science field. The main objective of this study is to examine the existing literature on various approaches for Intrusion Detection. This paper presents an overview of different intrusion detection systems and a detailed analysis of multiple techniques for these systems, including their advantages and disadvantages. These techniques include artificial neural networks, bio-inspired computing, evolutionary techniques, machine learning, and pattern recognition.

Secure data communication across networks is always threatened with intrusion and abuse. Network Intrusion Detection System (IDS) is a valuable tool for in-depth defense of computer networks. Most research and applications in the field of intrusion detection systems was built based on analysing the several datasets that contain the attacks types using the classification of batch learning machine. The present study presents the intrusion detection system based on Data Stream Classification. Several data stream algorithms were applied on CICIDS2017 datasets which contain several new types of attacks. The results were evaluated to choose the best algorithm that satisfies high accuracy and low computation time.

With the rapid development of computers and network technologies, the security of information in the internet becomes compromise and many threats may affect the integrity of such information. Many researches are focused theirs works on providing solution to this threat. Machine learning and data mining are widely used in anomaly-detection schemes to decide whether or not a malicious activity is taking place on a network. In this paper a hierarchical classification for anomaly based intrusion detection system is proposed. Two levels of features selection and classification are used. In the first level, the global feature vector for detection the basic attacks (DoS, U2R, R2L and Probe) is selected. In the second level, four local feature vect

Nowad ays, with the development of internet communication that provides many facilities to the user leads in turn to growing unauthorized access. As a result, intrusion detection system (IDS) becomes necessary to provide a high level of security for huge amount of information transferred in the network to protect them from threats. One of the main challenges for IDS is the high dimensionality of the feature space and how the relevant features to distinguish the normal network traffic from attack network are selected. In this paper, multi-objective evolutionary algorithm with decomposition (MOEA/D) and MOEA/D with the injection of a proposed local search operator are adopted to solve the Multi-objective optimization (MOO) followed by Naï

In modern years, internet and computers were used by many nations all overhead the world in different domains. So the number of Intruders is growing day-by-day posing a critical problem in recognizing among normal and abnormal manner of users in the network. Researchers have discussed the security concerns from different perspectives. Network Intrusion detection system which essentially analyzes, predicts the network traffic and the actions of users, then these behaviors will be examined either anomaly or normal manner. This paper suggested Deep analyzing system of NIDS to construct network intrusion detection system and detecting the type of intrusions in traditional network. The performance of the proposed system was evaluated by using