Multi-agent Artificial Immune System for Network Intrusion Detection and Classification

  • Conference paper

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 299)

Abstract

A multi-agent artificial immune system for network intrusion detection and classification is proposed and tested in this paper. The multi-layer detection and classification process is proposed to be executed on each agent, for each host in the network. The experiment shows very good results in the detection layer, where 90% of anomalies are detected. For the classification layer, 88% of false positives were successfully labeled as normal traffic connections, and 79% of DoS and Probe attacks were labeled correctly. An analysis is given for future work to enhance results for low-presented attacks.

Corresponding author

Correspondence to Amira Sayed A. Aziz.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Aziz, A.S.A., Hanafi, S.EO., Hassanien, A.E. (2014). Multi-agent Artificial Immune System for Network Intrusion Detection and Classification. In: de la Puerta, J., et al. International Joint Conference SOCO’14-CISIS’14-ICEUTE’14. Advances in Intelligent Systems and Computing, vol 299. Springer, Cham. https://doi.org/10.1007/978-3-319-07995-0_15

  • DOI: https://doi.org/10.1007/978-3-319-07995-0_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07994-3

  • Online ISBN: 978-3-319-07995-0

  • eBook Packages: Engineering, Engineering (R0)
