Abstract
This study applies an artificial immune system and parallelized finite-state machines to construct an intrusion detection algorithm for spotting hidden threats in massive numbers of packets. Most existing intrusion detection methods do not focus on adaptability to mixed and changing attacks, which results in low detection rates for new and mixed-type attacks. The characteristics of artificial immunity and state transition can address attacks with evolutionary patterns and track anomalies in nonconsecutive packets. The proposed immune algorithm is highly efficient, based on a selection step in multi-island migration. Results show that the algorithm can effectively detect mixed-type attacks and obtains an overall accuracy of 95.9% on the testing data.
Highlights
Intrusion detection systems (IDSs) aim to identify and isolate all types of intrusion inside a computer or communication system [1]
Hackers often attack by sending abnormal packets, and some attacks can be identified by a single packet [1]
We are no longer restricted to a single packet or analytical moment; we use finite-state machines (FSMs) to associate non-single-packet attacks with internal tracking states
Summary
Intrusion detection systems (IDSs) aim to identify and isolate all types of intrusion inside a computer or communication system [1]. An FSM is a mathematical model of computation with a finite number of states at any given time, an initial state, and inputs that trigger state transitions with a predefined transition probability [3,12]. The advantage of this model is that it keeps tracking events effectively in a directed graph. This model can be used to discern multiple attacks among massive mixed packets.
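The following added example (not code from the paper) shows how parallel FSMs, one per source, can follow a multi-packet pattern through interleaved traffic. It is a deterministic simplification: the event labels, the signature, and the reset window are assumptions, and it models neither the transition probabilities nor the immune algorithm.

```python
from collections import defaultdict

# Hypothetical multi-packet signature: probe, then failed logins, then a success.
TRANSITIONS = {
    ("idle", "probe"): "probed",
    ("probed", "auth_fail"): "failing",
    ("failing", "auth_fail"): "failing",
    ("failing", "auth_ok"): "alert",
}
WINDOW = 30.0  # assumed: seconds of silence after which a source's FSM resets


def detect(packets, window=WINDOW):
    """Run one FSM per source over an interleaved packet stream.

    packets: iterable of (timestamp, source, event) tuples in time order.
    Returns a list of (timestamp, source) for every FSM that reached "alert".
    """
    state = defaultdict(lambda: "idle")   # source -> current FSM state
    last_seen = {}                        # source -> timestamp of last packet
    alerts = []
    for ts, src, event in packets:
        # Forget stale partial matches so unrelated events are not chained.
        if src in last_seen and ts - last_seen[src] > window:
            state[src] = "idle"
        last_seen[src] = ts
        # Events with no transition from the current state leave it unchanged,
        # which is what lets the pattern span nonconsecutive packets.
        state[src] = TRANSITIONS.get((state[src], event), state[src])
        if state[src] == "alert":
            alerts.append((ts, src))
            state[src] = "idle"
    return alerts


# Constructed sample traffic: source A's pattern is interleaved with B and C.
SAMPLE = [
    (0.0, "A", "probe"), (0.5, "B", "data"), (1.0, "C", "probe"),
    (2.0, "A", "auth_fail"), (2.5, "B", "auth_fail"), (3.0, "A", "data"),
    (4.0, "A", "auth_fail"), (5.0, "B", "auth_ok"), (6.0, "A", "auth_ok"),
    (50.0, "C", "auth_fail"), (51.0, "C", "auth_ok"),
]

if __name__ == "__main__":
    print(detect(SAMPLE))
```

Source C's probe is followed by a long silence, so its partial match expires under the default window; widening the window lets the same packets complete the pattern.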