
Design of Intrusion Detection System Based on Logical Analysis of Data (LAD) Using Information Gain Ratio

  • Conference paper
Cyber Security, Cryptology, and Machine Learning (CSCML 2022)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13301)

Abstract

An intrusion detection system is proposed that is capable of detecting penetration, break-ins and other security breaches in near real time. The system has been developed using Logical Analysis of Data (LAD), where attacks are detected by monitoring the network traffic. LAD generates positive and negative patterns from historical observations and uses them to classify unknown observations. It uses the concepts of partially defined Boolean functions and their extensions to extract patterns for classification. The Information Gain ratio technique is used to produce the support set of features. The proposed technique has an advantage over other techniques in that it can detect anomalous behavior in near real time. The WEKA tool has been used to build classifiers, and their performance is compared with that of the proposed model. The proposed implementation detects abnormal behaviour significantly better than LAD-WEKA.
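The pipeline the abstract outlines (rank features by gain ratio, keep a support set, extract positive and negative patterns, classify) can be sketched as follows. This is an added illustration, not the authors' implementation: the binarized flow records, feature names, degree cap of 2 and scoring rule are all assumptions made for the example.

```python
from itertools import combinations, product
from math import log2

# Constructed binarized flows (high_syn_rate, rare_dst_port, short_duration, is_tcp); label 1 = attack.
DATA = [((1, 1, 0, 1), 1), ((1, 1, 1, 0), 1), ((1, 0, 1, 1), 1), ((1, 1, 1, 1), 1),
        ((0, 0, 1, 1), 0), ((0, 1, 1, 1), 0), ((0, 0, 0, 0), 0), ((1, 0, 0, 1), 0)]

def entropy(items):
    """Shannon entropy (bits) of a list of discrete values."""
    n = len(items)
    return -sum(items.count(v) / n * log2(items.count(v) / n) for v in set(items))

def gain_ratio(data, j):
    """Information gain of feature j about the label, divided by its split information."""
    cond = sum(len(part) / len(data) * entropy(part)
               for v in (0, 1) if (part := [y for x, y in data if x[j] == v]))
    split = entropy([x[j] for x, _ in data])
    return (entropy([y for _, y in data]) - cond) / split if split else 0.0

def support_set(data):
    """Add features by descending gain ratio until no attack and normal record collide."""
    ranked = sorted(range(len(data[0][0])), key=lambda j: -gain_ratio(data, j))
    for k in range(1, len(ranked) + 1):
        proj = lambda x: tuple(x[j] for j in ranked[:k])
        if not {proj(x) for x, y in data if y} & {proj(x) for x, y in data if not y}:
            return ranked[:k]
    raise ValueError("contradictory observations: classes cannot be separated")

def covers(term, x):
    return all(x[j] == v for j, v in term)

def prime_patterns(data, feats, max_degree=2):
    """Terms covering records of one class only; terms containing a shorter pattern are skipped."""
    found = {1: [], 0: []}
    for d in range(1, max_degree + 1):
        for idx in combinations(sorted(feats), d):
            for vals in product((0, 1), repeat=d):
                term = frozenset(zip(idx, vals))
                if any(p <= term for ps in found.values() for p in ps):
                    continue
                classes = {y for x, y in data if covers(term, x)}
                if len(classes) == 1:
                    found[classes.pop()].append(term)
    return found

def classify(patterns, x):
    """Fraction of positive patterns that fire minus fraction of negative ones; > 0 means attack."""
    frac = lambda ps: sum(covers(p, x) for p in ps) / len(ps) if ps else 0.0
    return frac(patterns[1]) - frac(patterns[0])
```

On this sample the support set drops `is_tcp`, whose gain ratio is zero, and an unseen flow such as `(0, 1, 0, 1)` that triggers patterns of both classes is decided by the weighted vote.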




Corresponding author

Correspondence to Sneha Chauhan.


Copyright information

© 2022 Springer Nature Switzerland AG

About this paper


Cite this paper

Chauhan, S., Gangopadhyay, S. (2022). Design of Intrusion Detection System Based on Logical Analysis of Data (LAD) Using Information Gain Ratio. In: Dolev, S., Katz, J., Meisels, A. (eds) Cyber Security, Cryptology, and Machine Learning. CSCML 2022. Lecture Notes in Computer Science, vol 13301. Springer, Cham. https://doi.org/10.1007/978-3-031-07689-3_4


  • DOI: https://doi.org/10.1007/978-3-031-07689-3_4


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-07688-6

  • Online ISBN: 978-3-031-07689-3

  • eBook Packages: Computer Science, Computer Science (R0)
