An intelligent intrusion detection system by using hierarchically structured learning automata

  • Original Article
  • Neural Computing and Applications

Abstract

Nowadays, intelligent learning environments are efficient and interesting solutions for many complicated problems. A learning automaton is an intelligent decision-making scheme that follows a learning strategy to select the optimal action through repeated interactions with its environment. In this paper, we adopt this learning system to develop a high-performance intrusion detection system. Intrusion detection systems are based on either anomaly detection or misuse detection approaches. Misuse detection can detect only known attacks, but anomaly detection is intelligent enough to detect all the unknown attacks. This paper aims to detect anomalous intrusive behaviors inside the network in a learning manner. A simulation study based on the KDD Cup 99 dataset shows that the proposed approach outperforms existing schemes in terms of the attack detection ratio and the false alarm ratio.

Notes

  1. Linear Reward epsilon Penalty.

  2. Linear Reward Inaction.

Author information

Corresponding author

Correspondence to Shahram Jamali.

About this article

Cite this article

Jamali, S., Jafarzadeh, P. An intelligent intrusion detection system by using hierarchically structured learning automata. Neural Comput & Applic 28, 1001–1008 (2017). https://doi.org/10.1007/s00521-015-2116-4

  • DOI: https://doi.org/10.1007/s00521-015-2116-4
