Abstract
A new approach inspired by bees’ defensive behaviour in nature is proposed to improve Intrusion Detection System (IDS). In honeybee colonies, guards discriminate nestmates from non-nestmates at a hive entrance using an approach contains Undesirable-Absent (UA) or Desirable-Present (DP), and Filtering Decision (FD) methods. These methods are used to detect intruder and classify its type. In the proposed approach, the UA detector is responsible for detecting pre-defined attacks based on their attack signatures. Neural network trained by Bees Algorithm (BA) was used to learn the patterns of attacks given in training dataset and use these patterns to find specific attacks in test dataset. The DP detector is responsible for detecting anomalous behaviours based on the trained normal behaviour model. Finally, FD method is used to train the UA detector in real-time to detect new intrusions. The performance of the proposed IDS is evaluated by using KDD’99 dataset, the benchmark dataset used by IDS researchers. The experiments show that the proposed approach is applied successfully and able to detect many different types of intrusions, while maintaining a low false positive rate.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
CSO, Deloitte’s Center for Security & Privacy Solutions (2010), http://www.csoonline.com
Anderson, J. P.: Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co., Fort Washington, Pennsylvania (April 1980)
Rains, G.C., Tomberlin, J.K., Kulasiri, D.: Using insect sniffing devices for detection. Trends in Biotechnology 26(6), 288–294 (2008)
Srinoy, S.: Intrusion Detection Model Based On Particle Swarm Optimization and Support Vector Machine. In: Computational Intelligence in Security and Defense Applications, CISDA 2007, pp. 186–192. IEEE Computer Society Press, Los Alamitos (2007)
Couvillon, M.J., et al.: En garde: rapid shifts in honeybee, Apis mellifera, guarding behaviour are triggered by onslaught of conspecific intruders. Animal Behaviour 76(5), 1653–1658 (2008)
Butler, C.G., The, F.J.: behaviour of worker honeybees at the hive entrance. Behaviour 4, 263–291 (1952)
Stein, G., Chen, B., Wu, A.S., Hua, K.A.: Decision tree classifier for network intrusion detection with GA-based feature selection. In: Proceedings of the 43rd annual Southeast regional conference - Volume 2 (ACM-SE 43), vol. 2, pp. 136–141. ACM, New York (2005), doi:10.1145/1167253.1167288
Pham, D.T., Ghanbarzadeh, A., Koc, E., Otri, S., Rahim, S., Zaidi, M.: The bees algorithm—a novel tool for complex optimisation problems. In: Proceedings of IPROMS, Conference, Cardiff, UK, pp. 454– 461 (2006a)
Pham, D.T., Ghanbarzadeh, A., Koc, E., Otri, S.: Application of the bees algorithm to the training of radial basis function networks for control chart pattern recognition. In: Proceedings of 5th CIRP international seminar on intelligent computation in manufacturing engineering (CIRP ICME 2006), Ischia, Italy (2006b)
Pham, D.T., Koc, E., Ghanbarzadeh, A., Otri, S.: Optimisation of the weights of multi-layered perceptrons using the bees algorithm. In: Proceedings of 5th international symposium on intelligent manufacturing systems (2006)
Kitching, I.J.: Phylogeny of the death’s head hawkmoths, Acherontia[Laspeyres], and related genera (Lepidoptera: Sphingidae: Sphinginae: Acherontiini. Systematic Entomology, 71–88 (2003), doi:10.1046/j.1365-3113
Breed, D.E., Guzmán-Novoa, G.J.: 3 Hunt, Defensive behavior of honey bees:organization, genetics, and comparisons with other Bees. Annual Review of Entomology 49, 271–298 (2004)
Ali, G.A., Jantan, A., Ali, A.: Honeybee-Based Model to Detect Intrusion. In: Park, J.H., Chen, H.-H., Atiquzzaman, M., Lee, C., Kim, T.-h., Yeo, S.-S. (eds.) ISA 2009. LNCS, vol. 5576, pp. 598–607. Springer, Heidelberg (2009)
Ryan, J., Lin, M.J., Miikkulainen, R.: Intrusion detection with neural networks. MIT Press, Cambridge (1998)
Wang, G., Hao, J., Ma, J., Huang, L.: A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering. Expert Syst. Appl. 37(9), 102 (2010), doi:10.1016/j.eswa.2010.02.102
Feng, Y., Zhong, J., Xiong, Z., Ye, C., Wu, K.: Network Anomaly Detection Based on DSOM and ACO Clustering. In: Liu, D., Fei, S., Hou, Z., Zhang, H., Sun, C. (eds.) ISNN 2007. LNCS, vol. 4492, pp. 947–955. Springer, Heidelberg (2007), http://dx.doi.org/10.1007/978-3-540-72393-6_113
Feng, Y.Z., Wu, K., Wu, Z.: An unsupervised anomaly intrusion detection algorithm based on swarm intelligence. In: Feng, Y.Z., Wu, K., Wu, Z. (eds.) Proceedings of 2005 International Conference on Machine Learning and Cybernetics, vol. 7, pp. 3965–3969. IEEE Computer Society Press, Los Alamitos (2005)
Feng, Y.J., Zhong, J., Ye, C., Wu, Z.: Clustering based on self-organizing ant colony networks with application to intrusion detection. In: Ceballos, S. (ed.) Proceedings of 6th International Conference on Intelligent Systems Design and Applications (ISDA 2006), Jinan, China, pp. 3871–3875. IEEE Computer Society Press, Washington, DC, USA (2006)
Pham, D.T., Afify, A., Koc, E.: Manufacturing cell formation using the bees algorithm. In: IPROMS 2007: Innovative Production Machines and Systems Virtual Conference, Cardiff, UK (2007)
Pham, D.T., Castellani, M., Ghanbarzadeh, A.: Preliminary design using the bees algorithm. In: Proceedings of Eighth International Conference on Laser Metrology, CMM and Machine tool Performance, LAMDAMAP, Euspen, Cardiff, UK, pp. 420–429 (2007)
Pham, D.T., Otri, S., Afify, A.A., Mahmuddin, M., Al-Jabbouli, H.: Data clustering using the bees algorithm. In: Proceedings of 40th CIRP International Manufacturing Systems Seminar (2007)
Pham, D.T., Koc, E., Lee, J., Phrueksanant, J.: Using the bees algorithm to schedule jobs for a machine. In: Proceedings of Eighth International Conference on Lasermetrology, CMM and machine tool performance, pp. 430–439 (2007h)
Pham, D.T., Ghanbarzadeh, A., Otri, S., Koç, E.: Optimal design of mechanical components using the Bees Algorithm. Proceedings of the Institution of Mechanical Engineers, Part C: Journal of Mechanical Engineering Science (May 1, 2009), doi:10.1243/09544062JMES838
Bahamish, H., Abdullah, R., Salam, R.: Protein conformational search using bees algorithm. In: AICMS 2008: Second Asia International Conference on Modeling and Simulation, pp. 911–916 (2008)
Guney, K., Onay, M.: Bees algorithmfor design of dual-beamlinear antenna arrayswith digital attenuators and digital phase shifters. Int. J. RF Microw Comput-Aided Eng. 18(4), 337–347 (2008)
Guney, K., Onay, M.: Bees algorithm for interference suppression of linear antenna arrays by controlling the phase-only and both the amplitude and phase. Expert Systems with Applications 37(4), 957–4174 (2010), doi:10.1016/j.eswa.2009.09.072, ISSN 0957-4174
Spath, H.: Clustering Analysis Algorithms, p. 1980. Wiley, Chichester
Ali, G.A., Lu, W., Tavallaee, M.: Network Intrusion Detection and Prevention: Concepts and Techniques, 1st edn. Springer Publishing Company, Heidelberg (2009) (Incorporated)
Toosi, A.N., Kahani, M.: A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. Computer communications 30, 2201–2212 (2007)
Pfahringer: Winning the KDD99 classification cup: Bagged boosting. KDD 1999 1(2), 67–75 (2000)
Jirapummin, C., Wattanapongsakorn, N., Kanthamanon, P.: Hybrid neural networks for intrusion detection systems. In: Proc. of The 2002 International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC 2002), pp. 928–931 (2002)
Alshammari, R., Sonamthiang, S., Teimouri, M., Riordan, D.: Using neuro-fuzzy approach to reduce false positive alerts. In: Fifth Annual Conference on Communication Networks and Services Research (CNSR 2007), pp. 345–349. IEEE Computer Society Press, Los Alamitos (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ali, G.A., Jantan, A. (2011). A New Approach Based on Honeybee to Improve Intrusion Detection System Using Neural Network and Bees Algorithm. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 181. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22203-0_65
Download citation
DOI: https://doi.org/10.1007/978-3-642-22203-0_65
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22202-3
Online ISBN: 978-3-642-22203-0
eBook Packages: Computer ScienceComputer Science (R0)