A DIDS Based on The Combination of Cuttlefish Algorithm and Decision Tree
Various Distributed Intrusion Detection Systems (DIDS) based on mobile agents have been proposed in recent years to protect computer systems from intruders. Since intrusion detection systems deal with large amounts of data, keeping only the best-quality features is an important task in these systems. In this paper, a novel DIDS based on the combination of the Cuttlefish Optimization Algorithm (CFA) and a Decision Tree (DT) is proposed. The proposed system uses an agent called the Rule and Feature Generator Agent (RFGA) to generate a subset of features with corresponding rules. The RFGA uses CFA to search for the optimal subset of features, while DT is used as the measure for evaluating the selected features. The proposed model is tested on the KDD Cup 99 dataset. The obtained results show that the proposed system gives better performance even with a small subset of 5 features than when using all 41 features.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License [CC BY-NC-SA 4.0] that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work, with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online.