DocumentCode :
2843235
Title :
A Three-Level-Module Adaptive Intrusion Detection System
Author :
Zhao, Lin-hui ; Wang, Yumin ; Xiao, Jing ; Dai, Ya-ping ; Dong, Fang-Yan ; Liu, Hai-Le
Author_Institution :
Beijing Inst. of Technol., Beijing
fYear :
2007
fDate :
15-17 April 2007
Firstpage :
840
Lastpage :
845
Abstract :
Based on danger theory, immune network theory and the decision templates fusion algorithm, a three-level-module adaptive intrusion detection system (TAIDS) is presented in this paper. To account for the effect of danger signals, the results of the decision templates algorithm are redefined by adding a kind of suspicion signal. The detection templates must therefore be modified online, and a template-adjustable adaptive decision fusion algorithm is proposed. The TAIDS has two benefits. First, when it is difficult to distinguish current behaviors based on familiar features, the TAIDS discriminates them by means of danger theory, reducing false alarms and enhancing the ability to identify novel attacks. Second, the adaptive decision templates algorithm allows detection templates to be modified dynamically without periodic updating. Experiments are carried out on the KDD-CUP-99 database to verify the performance of this system. The false positive rate is 2.27%, and the accuracies on known attacks and on unknown attacks are respectively 97.67% and 98.75%.
Keywords :
security of data; TAIDS; adaptive decision templates algorithm; danger theory; decision templates algorithm; immune network theory; three-level-module adaptive intrusion detection system; Adaptive control; Adaptive systems; Control systems; Educational institutions; Immune system; Intelligent systems; Intrusion detection; Mechatronics; Programmable control; Signal detection; danger theory; data fusion algorithm; intrusion detection;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Networking, Sensing and Control, 2007 IEEE International Conference on
Conference_Location :
London
Print_ISBN :
1-4244-1076-2
Electronic_ISBN :
1-4244-1076-2
Type :
conf
DOI :
10.1109/ICNSC.2007.372890
Filename :
4239103