Towards an Intelligent Intrusion Detection System: A Proposed Framework
Amman, Jordan
2 Computer and Digital Forensics, Champlain College, Burlington, USA
3 Department of Mathematics and Computer Science, East Central University, Ada, OK, USA
Abstract. With the rapid increase in network connectivity and reliance on information systems, the number of sophisticated threats has grown quickly, demanding the development of intelligent security protection systems that are resilient to these new threats. This research was conducted to improve the detection methodology of Intrusion Detection Systems (IDS); it aims not only to design a framework for an intrusion detection system but also to make this system interact intelligently. The proposed IDS could customize itself to adapt to different network topologies and network traffic situations and serve as a self-learner, a feature not seen in most commercial and open-source intrusion detection systems.

Keywords: IDS · Intrusion detection system · Intelligent agent · Network security · Threat detection
© Springer Nature Switzerland AG 2020. K. Arai et al. (Eds.): SAI 2020, AISC 1230, pp. 322–335, 2020. https://doi.org/10.1007/978-3-030-52243-8_23

1 Introduction

Millions of worms, viruses and other malware are created every day. According to McAfee, the percentage of spam in email traffic in the third quarter of 2017 reached 55.9%, and there were more than 57.6 million new malware samples; the WannaCry attacks alone infected more than 300,000 computers in over 150 countries in less than 24 h [1]. Adversaries are relentlessly targeting every corner of the digital world, from computer networks to banks' websites, spreading to social networks and mobile devices. Their attacks have not only stolen information or damaged systems but have also cost the global economy as much as 400 billion dollars a year [2].

Researchers, specialists, and companies are continuously trying to create and develop tools to respond to this vicious onslaught of attacks targeting today's digital systems. Intrusion Detection Systems (IDS) are considered a critical component of network security that can deal with both internal and external attacks. They give security specialists the ability to perform real-time security monitoring and identify abnormal patterns. Much research has been conducted to improve the quality of intrusion detection systems, but they still have problems, especially high false-positive ratios, operational issues in high-speed environments, working with encrypted traffic, and the difficulty of detecting unknown threats.

In this paper, a new intrusion detection framework is proposed that could not only detect intrusions but also benefit from intelligent agents' structures and knowledge base systems to detect new and unknown attack patterns. This will improve the security posture of the guarded network and provide further confidence to network security engineers about their system's detec