Abstract

Deoxyribonucleic acid (DNA) can be used to discover the presence of diseases in the human body. Similarly, its functionality can be leveraged in an intrusion detection system (IDS) to detect attacks against computer systems and network traffic. Various approaches have been proposed for using DNA sequences in IDSs. The most popular is the DNA sequence matching method, which is also used in biology. A technique that uses the DNA sequence in an IDS has previously been proposed to generate a normal signature sequence with an alignment threshold value. However, its detection rate is very low. Therefore, this paper considers the two main factors that affect the detection accuracy via the DNA sequence: DNA encoding and the short tandem repeat (STR) (i.e., the DNA keys and their positions). It then proposes two DNA encoding methods, named DEM3sel and DEMdif, which differ in terms of the length of the DNA sequence and the network traffic representation. DEM3sel uses three characters to represent all 41 network attributes but uses a single fixed character to distinguish between nominal and numerical attributes. DEMdif uses different characters to represent all the network attributes based on the attribute values and uses a single fixed character to distinguish between nominal and numerical attributes. In both methods, the Teiresias algorithm is used to extract the short tandem repeat (STR), which includes both the keys and their positions in the network traffic, while the Knuth-Morris-Pratt algorithm is used as a matching process to determine whether the network traffic is normal or an attack. An experiment is conducted to assess the proposed methods’ performance on two standard datasets: KDDCup 99 and NSL-KDD. The experiment is run 30 times for each DNA encoding method. The results show that DEM3sel obtains the best result compared with DEMdif, where the detection rate, false alarm rate, and accuracy of detection are 99.58%, 35.53%, and 92.74%, respectively.
The results also show that using more keys and their positions improves the false alarm rate and the accuracy of DEM3sel by up to 26.48% and 1.75%, respectively. Moreover, the performance of the proposed method DEM3sel is comparable to or better than state-of-the-art algorithms. Thus, it can be concluded that the proposed DNA sequence method is suitable for use in an IDS.
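An added illustration, not code from the paper: Knuth-Morris-Pratt matching of signature keys, with and without their positions, against an already-encoded record. The DNA strings, the (key, position) pairs and the rule that every key must match are constructed assumptions; the paper's DEM3sel/DEMdif encodings and the Teiresias extraction step are not reproduced here.

```python
def failure_table(pattern):
    """KMP prefix function: fail[i] is the longest proper border of pattern[:i+1]."""
    fail = [0] * len(pattern)
    k = 0
    for i in range(1, len(pattern)):
        while k and pattern[i] != pattern[k]:
            k = fail[k - 1]
        if pattern[i] == pattern[k]:
            k += 1
        fail[i] = k
    return fail


def kmp_find_all(text, pattern):
    """Return every start offset of pattern in text (overlapping matches included)."""
    if not pattern:
        return []
    fail, k, hits = failure_table(pattern), 0, []
    for i, ch in enumerate(text):
        while k and ch != pattern[k]:
            k = fail[k - 1]
        if ch == pattern[k]:
            k += 1
        if k == len(pattern):
            hits.append(i - k + 1)
            k = fail[k - 1]  # keep scanning for further matches
    return hits


def is_normal(sequence, signature, use_positions=True):
    """Assumed rule: normal only if every key occurs (at its recorded offset if enabled)."""
    for key, pos in signature:
        offsets = kmp_find_all(sequence, key)
        if not offsets or (use_positions and pos not in offsets):
            return False
    return True


# Constructed data: (key, position) pairs standing in for STRs mined from normal traffic.
NORMAL_SIGNATURE = [("ACGT", 0), ("GGA", 6), ("TTC", 11)]
NORMAL_RECORD = "ACGTCAGGATATTC"
ATTACK_RECORD = "TTCGGACAACGTAA"  # same keys present, but at different offsets

if __name__ == "__main__":
    for name, rec in (("normal", NORMAL_RECORD), ("attack", ATTACK_RECORD)):
        print(name, is_normal(rec, NORMAL_SIGNATURE, False), is_normal(rec, NORMAL_SIGNATURE))
```

With keys alone, the constructed attack record is accepted as normal because it contains all three keys; checking the recorded positions as well rejects it.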

The associate editor coordinating the review of this manuscript and approving it for publication was Jiafeng Xie.

Highlights

  • The high usage of computer networks for internet access and the exponential growth in the use and scope of the internet among both companies and individuals requires that security systems are in place to prevent attacks being made on users’ data and transactions [1]

  • This paper attempted to deal with intrusion detection and find a way to apply deoxyribonucleic acid (DNA) sequences more effectively for use in an intrusion detection system (IDS)

  • The Teiresias algorithm is used for the two methods to extract the short tandem repeat (STR) sequence for normal network traffic


Summary

Introduction

The high usage of computer networks for internet access and the exponential growth in the use and scope of the internet among both companies and individuals requires that security systems are in place to prevent attacks being made on users’ data and transactions [1]. The continuing growth in the use of the internet is not just related to the ease with which users can access a wide range of information; it has become a boon for those who are continually developing new types of attacks for nefarious purposes [2]. The cost of data loss can be too high, and this has caused companies to set up systems to monitor the data flow in their network. It can discover attacks that are made from both outside and inside of an organization [1], [4].
