research-article

A Hybrid Intrusion Detection Approach Using Ant Colony System and Simulated Annealing (ACS-SA)

Authors:

IPAC '15: Proceedings of the International Conference on Intelligent Information Processing, Security and Advanced Communication

Article No.: 55, Pages 1 - 5

https://doi.org/10.1145/2816839.2816914

Published: 23 November 2015 Publication History

Get Access

Abstract

With the increase in the number and complexity of attacks, Computer security has become one of the most challenging tasks. Intrusion detection system (IDS) is an important component in security infrastructures that aims to detect all intrusions in an efficient manner.

Intrusion detection by security audit trail analysis consists in detecting predefined attack scenarios in the audit trails. Each attack scenario is defined by a number of occurrences of auditable events. This problem is classified as an NP-Hard combinatorial optimization problem.

In this paper we propose to hybrid two powerful optimization algorithms, Ant Colony System (ACS) with Simulated Annealing (SA) to solve such problem. The proposed approach named ACS-SA uses ACS algorithm with a novel pheromone update method and SA as local search algorithm with a new neighborhood generation mechanism. Furthermore, in order to find the best balance between the need for detecting all possible attacks and the need for avoiding attacks that do not exist, new fitness function based on Manhattan distance is proposed. Experimental study shows that the proposed approach gives good results in term of true positive rate, false positive rate and computational cost.

References

[1]

M. Daoudi. Security audit trail analysis using harmony search algorithm. The Eighth International Conference on Systems: ICONS, 2011.

Google Scholar

[2]

M. Daoudi. An intrusion detection approach using an adaptative parameter-free algorithm. The Ninth International Conference on Systems, pages 178--184, 2014.

Google Scholar

[3]

M. Daoudi, A. Boukra, and M. Ahmed-Nacer. Security audit trail analysis with biogeography based optimization metaheuristic. Proceedings of the International Conference on Informatics Engineering Information Science: ICIES. Springer-Verlag Berlin Heidelberg, pages 218--227, 2011.

Crossref

Google Scholar

[4]

M. Dass. Lids: A learning intrusion detection system, 2003. Master of Science, The University of Georgia, Athens, Georgia.

Google Scholar

[5]

A. Diaz-Gomez and D. F. Hougen. A genetic algorithm approach for doing misuse detection in audit trail files. CIC 06 Proceedings of the 15th International Conference on Computing, IEEE Computer Society, pages 329--335, 2006.

Digital Library

Google Scholar

[6]

E. Dorigo and L. Gambardella. Ant colonies for the traveling salesman problem. BioSystems, vol. 43, pages 73--81, 1997.

Google Scholar

[7]

Y. Guan, A. Ghorbani, and N. Belacel. Y-means: a clustering method for intrusion detection. Canadian Conference on Electrical and Computer Engineering, pages 1083--1086, 2003.

Crossref

Google Scholar

[8]

S. Kirkpatrick, C. Gelatt, and M. Vecchi. Optimization by simulated annealing. SCIENCE, pages 671--680, 1983.

Google Scholar

[9]

C. Kolias, G. Kambourakis, and M. Maragoudakis. Swarm intelligence in intrusion detection: A survey-computers security. Elsevier, 2011.

Digital Library

Google Scholar

[10]

W. Lee, J. Salvatore, and K. Mok. Mining audit data to build intrusion detection models. Proceedings of ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 66--72, 1998.

Digital Library

Google Scholar

[11]

P. G. Majeed and S. Kumar. Genetic algorithms in intrusion detection systems: A survey. International Journal of Innovation and Applied Studies, Vol.5, pages 233--240, 2014.

Google Scholar

[12]

L. Mé. Audit de sécurité par algorithmes génétiques. PhD thesis, Institut de Formation Supérieure en Informatique et de Communication de Rennes, 1994.

Google Scholar

[13]

D. Vinchurkar and A. Reshamwala. A review of intrusion detection system using neural network and machine learning technique. International Journal of Engineering Science and Innovative Technology, 2012.

Google Scholar

Cited By

View all

Al-Daweri MAbdullah SAriffin K(2021)A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problemInternational Journal of Critical Infrastructure Protection10.1016/j.ijcip.2021.10044934:COnline publication date: 1-Sep-2021
https://dl.acm.org/doi/10.1016/j.ijcip.2021.100449
(2019)A Manhattan distance-based binary bat algorithm vs. integer ant colony optimisation for intrusion detection in the audit trailsInternational Journal of Computational Science and Engineering10.5555/3337507.333751818:4(424-437)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.5555/3337507.3337518
Yadav ASairam AMazumdar A(2017)Selecting stable route in multipath routing protocols2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT.2017.8204139(1-7)Online publication date: Jul-2017
https://doi.org/10.1109/ICCCNT.2017.8204139
Show More Cited By

Index Terms

A Hybrid Intrusion Detection Approach Using Ant Colony System and Simulated Annealing (ACS-SA)
1. Computing methodologies
  1. Artificial intelligence
    1. Search methodologies
      1. Heuristic function construction
2. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems

Recommendations

Application of Intrusion Detection Based on an Improved Ant Colony Optimization
ICETCE '12: Proceedings of the 2012 Second International Conference on Electric Technology and Civil Engineering

In view of the ant colony algorithm to solve the combinatorial optimization problem of inadequacy, put forward a kind of improved ant colony optimization algorithm and application in intrusion detection, in establishing the characteristics and detection ...
Rule generalisation in intrusion detection systems using SNORT

Intrusion Detection Systems (IDSs) provide an important layer of security for computer systems and networks. An IDS's responsibility is to detect suspicious or unacceptable system and network activity and to alert a systems administrator to this ...
An escalated approach to ant colony clustering algorithm for intrusion detection system
ICDCN'08: Proceedings of the 9th international conference on Distributed computing and networking

Intrusion detection systems are increasingly a key part of systems defense. Various approaches to intrusion detection are currently being used, but they are relatively ineffective. Constructing and maintaining a misuse detection system is very labor-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

IPAC '15: Proceedings of the International Conference on Intelligent Information Processing, Security and Advanced Communication

November 2015

495 pages

ISBN:9781450334587

DOI:10.1145/2816839

Editors:
Djallel Eddine Boubiche
University of Batna 2, Algeria
,
Faouzi Hidoussi
University of Batna 2, Algeria
,
Homero Toral Cruz
University of Quintana Roo, Mexico

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 November 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

IPAC '15

IPAC '15: International Conference on Intelligent Information Processing, Security and Advanced Communication

November 23 - 25, 2015

Batna, Algeria

Acceptance Rates

Overall Acceptance Rate 87 of 367 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
72
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Al-Daweri MAbdullah SAriffin K(2021)A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problemInternational Journal of Critical Infrastructure Protection10.1016/j.ijcip.2021.10044934:COnline publication date: 1-Sep-2021
https://dl.acm.org/doi/10.1016/j.ijcip.2021.100449
(2019)A Manhattan distance-based binary bat algorithm vs. integer ant colony optimisation for intrusion detection in the audit trailsInternational Journal of Computational Science and Engineering10.5555/3337507.333751818:4(424-437)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.5555/3337507.3337518
Yadav ASairam AMazumdar A(2017)Selecting stable route in multipath routing protocols2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT.2017.8204139(1-7)Online publication date: Jul-2017
https://doi.org/10.1109/ICCCNT.2017.8204139
Yadav PRizvi S(2017)Performance analysis of randomized algorithm for optimal query plan generation in distributed environment2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT.2017.8204044(1-7)Online publication date: Jul-2017
https://doi.org/10.1109/ICCCNT.2017.8204044

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Application of Intrusion Detection Based on an Improved Ant Colony Optimization

Rule generalisation in intrusion detection systems using SNORT

An escalated approach to ant colony clustering algorithm for intrusion detection system