DOI: 10.1145/2816839.2816914
research-article

A Hybrid Intrusion Detection Approach Using Ant Colony System and Simulated Annealing (ACS-SA)

Published: 23 November 2015

Abstract

With the increase in the number and complexity of attacks, computer security has become one of the most challenging tasks. An intrusion detection system (IDS) is an important component of security infrastructures that aims to detect all intrusions in an efficient manner.
Intrusion detection by security audit trail analysis consists of detecting predefined attack scenarios in the audit trails. Each attack scenario is defined by a number of occurrences of auditable events. This problem is classified as an NP-Hard combinatorial optimization problem.
In this paper we propose to hybridize two powerful optimization algorithms, Ant Colony System (ACS) and Simulated Annealing (SA), to solve this problem. The proposed approach, named ACS-SA, uses the ACS algorithm with a novel pheromone update method and SA as a local search algorithm with a new neighborhood generation mechanism. Furthermore, in order to find the best balance between the need to detect all possible attacks and the need to avoid reporting attacks that do not exist, a new fitness function based on Manhattan distance is proposed. The experimental study shows that the proposed approach gives good results in terms of true positive rate, false positive rate and computational cost.
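To make the problem statement concrete, the following is an added illustration, not code from the paper: it covers only a Manhattan-distance fitness and a simulated-annealing search, not the ACS stage or the paper's pheromone update and neighborhood mechanism. The attack/event matrix, the observed counts, the overshoot penalty, the one-bit-flip move and the cooling schedule are all assumptions made for this example.

```python
import math
import random

# Constructed sample data (not from the paper).
# Rows are auditable event types: failed_login, su_root, passwd_read,
# port_probe, file_delete, chmod_suid. Columns are attack scenarios.
# AE[i][j] = occurrences of event i that attack scenario j produces.
AE = [
    [5, 0, 0, 2, 0],
    [0, 2, 0, 0, 1],
    [0, 0, 0, 3, 0],
    [0, 0, 10, 0, 0],
    [0, 0, 0, 0, 8],
    [0, 1, 0, 0, 0],
]
# Event counts seen in the audit trail, including some benign activity.
OBSERVED = [9, 1, 3, 4, 0, 0]


def cost(h, ae=AE, observed=OBSERVED, penalty=2.0):
    """Manhattan distance between the events a hypothesis explains and the
    events observed, plus a penalty for events it needs but the trail lacks
    (assumed form; lower is better)."""
    total = 0.0
    for row, seen in zip(ae, observed):
        needed = sum(a * bit for a, bit in zip(row, h))
        total += abs(seen - needed) + penalty * max(0, needed - seen)
    return total


def anneal(n_attacks=5, steps=3000, t0=5.0, alpha=0.995, seed=1):
    """Simulated annealing over binary hypothesis vectors (1 = attack present).
    A move flips one attack bit; the temperature cools geometrically."""
    rng = random.Random(seed)
    current = [0] * n_attacks
    best, temp = current[:], t0
    for _ in range(steps):
        cand = current[:]
        cand[rng.randrange(n_attacks)] ^= 1
        delta = cost(cand) - cost(current)
        # Always accept improvements; accept worse moves with Boltzmann probability.
        if delta <= 0 or rng.random() < math.exp(-delta / temp):
            current = cand
            if cost(current) < cost(best):
                best = current[:]
        temp *= alpha
    return best


if __name__ == "__main__":
    h = anneal()
    print("hypothesis:", h, "cost:", cost(h))
```

The penalty term is what trades detection against false alarms here: raising it makes the search less willing to report a scenario whose events are not fully present in the trail.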



Published In

IPAC '15: Proceedings of the International Conference on Intelligent Information Processing, Security and Advanced Communication
November 2015
495 pages
ISBN: 9781450334587
DOI: 10.1145/2816839

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Manhattan distance
  2. NP-Hard
  3. ant colony system
  4. combinatorial optimization problem
  5. intrusion detection
  6. security audit trail analysis
  7. simulated annealing

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

IPAC '15

Acceptance Rates

Overall Acceptance Rate 87 of 367 submissions, 24%
