Knowledge Computational Intelligence in Network Intrusion Detection Systems

  • Neeraj Kumar
  • Upendra Kumar


An Intrusion Detection System (IDS) is acting as first line of intrusion detection for providing network security in various areas like defence, e-commerce, autonomous systems etc. For network administrator, it plays an important role in understanding details about packet arriving and numerous activities involved within network. It helps the administrator in taking decisions at every stage of network life cycle. It can never access the IDS without knowing the performance of measure. Two most popular issues involved to exploit security are virus and attacker, generally termed as hacker. Generally, hacker is stimulated by adventure of importance. Hacker societies are strong in abstraction and their status is firm by their ability level. Gentle intruder gets through assets and slows the outcomes for genuine user like IDS and intrusion prevention systems (IPSs) are intended to help in frustrating hacker terrorization which can restrict remote logons to specific IP addresses and can utilize within a virtual private network technology (VPN). Many intrusion detection methodologies are proposed so far to resolve such issues but the main problem was performance of network and accuracy in detection of intrusion. To achieve this, there should be a strong mechanism for having true knowledge about the data which is flowing over the network. Proposed work done with study and analysis of various existing intrusion detection techniques and found lack in true prediction of intrusion. Considering these challenges, proposed work focused on handling both types of intrusion either anomaly based or signature based as complete hybrid model. Through knowledge extraction using soft computing and minimizing false alarm problem, proposed hybrid model found as true result-oriented intrusion detector.


NIDS FLC MLP KDD99 Alarm Attack ANFIS Genetic Expert system Soft computing 


  1. 1.
    Su, M. Y., Yu, G. J., & Lin, C. Y. (2009). A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach. Computers & Security, 28(5), 301–309.CrossRefGoogle Scholar
  2. 2.
    Azodi, A., Cheng, F., & Meinel, C. (2016, March). Towards better attack path visualizations based on deep normalization of host/network IDS alerts. In IEEE 30th International Conference on Advanced Information Networking and Applications (AINA), 2016 (pp. 1064–1071). IEEE.Google Scholar
  3. 3.
    Hubballi, N., & Suryanarayanan, V. (2014). False alarm minimization techniques in signature-based intrusion detection systems: A survey. Computer Communications, 49, 1–17.CrossRefGoogle Scholar
  4. 4.
    Folino, G., Pisani, F. S., & Sabatino, P. (2016, March). A distributed intrusion detection framework based on evolved specialized ensembles of classifiers. In European Conference on the Applications of Evolutionary Computation (pp. 315–331). Cham: Springer.Google Scholar
  5. 5.
    Reddy, R. R., Ramadevi, Y., & Sunitha, K. V. N. (2016). Data fusion approach for enhanced anomaly detection. In Innovations in computer science and engineering (pp. 275–285). Singapore: Springer.Google Scholar
  6. 6.
    Jabez, J., & Muthukumar, B. (2015). Intrusion detection system (IDS): Anomaly detection using outlier detection approach. Procedia Computer Science, 48, 338–346.CrossRefGoogle Scholar
  7. 7.
    Ashfaq, R. A. R., Wang, X. Z., Huang, J. Z., Abbas, H., & He, Y. L. (2017). Fuzziness based semi-supervised learning approach for intrusion detection system. Information Sciences, 378, 484–497.CrossRefGoogle Scholar
  8. 8.
    Jogdand, P., & Padiya, P. (2016, March). Survey of different IDS using honey token based techniques to mitigate cyber threats. In International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT) (pp. 802–807). IEEE.Google Scholar
  9. 9.
    Kenkre, P. S., Pai, A., & Colaco, L. (2015). Real time intrusion detection and prevention system. In Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2014 (pp. 405–411). Cham: Springer.Google Scholar
  10. 10.
    Kumar, V., Srivastava, J., & Lazarevic, A. (Eds.). (2006). Managing cyber threats: Issues, approaches, and challenges (Vol. 5). Berlin: Springer Science & Business Media.Google Scholar
  11. 11.
    Shah, B., & Trivedi, B. H. (2015, February). Improving performance of mobile agent based intrusion detection system. In Fifth International Conference on Advanced Computing & Communication Technologies (ACCT), 2015 (pp. 425–430). IEEE.Google Scholar
  12. 12.
    Ahmad, I., Abdullah, A., Alghamdi, A., & Hussain, M. (2013). Optimized intrusion detection mechanism using soft computing techniques. Telecommunication Systems, 1–9.Google Scholar
  13. 13.
    Mehra, L., Gupta, M. K., & Gill, H. S. (2015, September). An effectual & secure approach for the detection and efficient searching of network intrusion detection system (NIDS). In International Conference on Computer, Communication and Control (IC4), 2015 (pp. 1–5). IEEE.Google Scholar
  14. 14.
    Toumi, H., Talea, A., Marzak, B., Eddaoui, A., & Talea, M. (2015). Cooperative trust framework for cloud computing based on mobile agents. International Journal of Communication Networks and Information Security, 7(2), 106.Google Scholar
  15. 15.
    Wagner, D., & Soto, P. (2002, November). Mimicry attacks on host-based intrusion detection systems. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 255–264). ACM. Google Scholar
  16. 16.
    Kozushko, H. (2003). Intrusion detection: Host-based and network-based intrusion detection systems. Independent Study.Google Scholar
  17. 17.
    Bai, Y., & Kobayashi, H. (2003, March). Intrusion detection systems: technology and development. In 17th International Conference on Advanced Information Networking and Applications, 2003, AINA 2003 (pp. 710–715). IEEE.Google Scholar
  18. 18.
    Bai, Y., & Kobayashi, H. (2003, March). New string matching technology for network security. In 17th International Conference on Advanced Information Networking and Applications, 2003, AINA 2003 (pp. 198–201). IEEE.Google Scholar
  19. 19.
    Han, S. J., & Cho, S. B. (2003). Combining multiple host-based detectors using decision tree. AI 2003: Advances in Artificial Intelligence, 208–220.Google Scholar
  20. 20.
    Tan, L., & Sherwood, T. (2005, June). A high throughput string matching architecture for intrusion detection and prevention. In ACM SIGARCH Computer Architecture News (Vol. 33, No. 2, pp. 112–122). IEEE Computer Society.Google Scholar
  21. 21.
    Mrdović, S., & Zajko, E. (2005). Secured intrusion detection system infrastructure.Google Scholar
  22. 22.
    Depren, O., Topallar, M., Anarim, E., & Ciliz, M. K. (2005). An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks. Expert Systems with Applications, 29(4), 713–722.CrossRefGoogle Scholar
  23. 23.
    Carlson, M., & Scharlott, A. (2006) Vol 2
  24. 24.
    Carlson, M., & Scharlott, A. (2006). Intrusion detection and prevention systems. In CS536 Data Communication and Computer Networks Final Paper.Google Scholar
  25. 25.
    Janakiraman, R., Waldvogel, M., & Zhang, Q. (2003, June). Indra: A peer-to-peer approach to network intrusion detection and prevention. In Proceedings of Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003, WET ICE 2003 (pp. 226–231). IEEE.Google Scholar
  26. 26.
    Laureano, M., Maziero, C., & Jamhour, E. (2007). Protecting host-based intrusion detectors through virtual machines. Computer Networks, 51(5), 1275–1283.CrossRefMATHGoogle Scholar
  27. 27.
    Yu, Z., Tsai, J. J., & Weigert, T. (2007). An automatically tuning intrusion detection system. IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics), 37(2), 373–384.Google Scholar
  28. 28.
    SANS (2008).Google Scholar
  29. 29.
  30. 30.
    Guimaraes, M., & Murray, M. (2008, September). Overview of intrusion detection and intrusion prevention. In Proceedings of the 5th Annual Conference on Information Security Curriculum Development (pp. 44–46). ACM.Google Scholar
  31. 31.
    Shibli, M. A., & Muftic, S. (2008). In International Conference on Security & Cryptography, IEEE.Google Scholar
  32. 32.
    Yu, Z., Tsai, J. J., & Weigert, T. (2008). An adaptive automatically tuning intrusion detection system. ACM Transactions on Autonomous and Adaptive Systems (TAAS), 3(3), 10.Google Scholar
  33. 33.
    Awodele, O., Idowu, S., Anjorin, O., & Joshua, V. J. (2009). A multi-layered approach to the design of intelligent intrusion detection and prevention system (IIDPS). Issues in Informing Science & Information Technology, 6.Google Scholar
  34. 34.
    Patel, A., Qassim, Q., & Wills, C. (2010). A survey of intrusion detection and prevention systems. Information Management & Computer Security, 18(4), 277–290.CrossRefGoogle Scholar
  35. 35.
    Ahmad, I., Abdullah, A., Alghamdi, A., & Hussain, M. (2011). Journal of Business Media, LLC (27 July 2011, Springer).Google Scholar
  36. 36.
    Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review. Journal of network and computer applications, 36(1), 25–41.CrossRefGoogle Scholar
  37. 37.
    Feizollah, A., Shamshirband, S., Anuar, N. B., Salleh, R., & Kiah, M. L. M. (2013, August). Anomaly detection using cooperative fuzzy logic controller. In FIRA RoboWorld Congress (pp. 220–231).Google Scholar
  38. 38.
    Sarda, A. R. (2014) In Springer Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2014.Google Scholar
  39. 39.
    Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., & Vázquez, E. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers & Security, 28(1), 18–28. Google Scholar
  40. 40.
    Malhotra, A., & Bajaj, K. (2016). A survey on various malware detection techniques on mobile platform. International Journal of Computers and Applications, 139(5), 15–20.CrossRefGoogle Scholar
  41. 41.
    Das, N., & Sarkar, T. (2014). Survey on host and network based intrusion detection system. International Journal of Advanced Networking and Applications, 6(2), 2266.Google Scholar
  42. 42.
    Gautam, S. K., & Om, H. (2017). Comparative analysis of classification techniques in network based intrusion detection systems. In Proceedings of the First International Conference on Intelligent Computing and Communication (pp. 591–601). Singapore: Springer.Google Scholar
  43. 43.
    Ahmad, A., & Senga, B. P. S. (2017). Instruction detection system based on support vector machine using BAT algorithm. International Journal of Computer Applications, 158(8).Google Scholar
  44. 44.
    Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of Network and Computer Applications, 36(1), 42–57.CrossRefGoogle Scholar
  45. 45.
    Denning, D., & Neumann, P. G. (1985). Requirements and model for IDES-a real-time intrusion-detection expert system. SRI International.Google Scholar
  46. 46.
    Estevez-Tapiador, J. M., Garcia-Teodoro, P., & Diaz-Verdejo, J. E. (2003, March). Stochastic protocol modeling for anomaly based network intrusion detection. In Proceedings of First IEEE International Workshop on Information Assurance, 2003, IWIAS 2003. (pp. 3–12).Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringBirla Institute of TechnologyMesraIndia

Personalised recommendations