Abstract
Nowadays, intelligent learning environments are efficient and interesting solutions for many complicated problems. A learning automaton is an intelligent decision-making scheme that follows a learning strategy to select the optimal action through repeated interactions with its environment. In this paper, we adopt this learning system to develop a high-performance intrusion detection system. Intrusion detection systems are based on either anomaly detection or misuse detection approaches. Misuse detection can detect only known attacks, whereas anomaly detection is intelligent enough to detect all the unknown attacks. This paper aims to detect anomalous intrusive behaviors inside the network in a learning manner. A simulation study based on the KDD Cup 99 dataset shows that the proposed approach outperforms existing schemes in terms of the attack detection ratio and the false alarm ratio.
Notes
Linear Reward epsilon Penalty.
Linear Reward Inaction.
Cite this article
Jamali, S., Jafarzadeh, P. An intelligent intrusion detection system by using hierarchically structured learning automata. Neural Comput & Applic 28, 1001–1008 (2017). https://doi.org/10.1007/s00521-015-2116-4