Hybrid Classification Algorithm For Denial Of Service Attack Detection Using Rough Set Theory And Artificial Immune

Denial of Service (DoS) attacks is one of the security threats for computer systems and applications. It usually makes use of software bugs to crash or freeze a service or network resource or bandwidth limits by making use of a flood attack to saturate all bandwidth. Predicting a potential DOS attac...

Full description

Saved in:
Bibliographic Details
Main Author: Fatin Norsyafawati, Mohd Sabri
Format: Thesis
Language:English
Published: Universiti Sains Islam Malaysia 2018
Subjects:
Online Access:http://ddms.usim.edu.my:80/jspui/handle/123456789/16010
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Denial of Service (DoS) attacks is one of the security threats for computer systems and applications. It usually makes use of software bugs to crash or freeze a service or network resource or bandwidth limits by making use of a flood attack to saturate all bandwidth. Predicting a potential DOS attacks would be very helpful for an IT departments or managements to optimize the security of intrusion detection system (IDS). Nowdays, false alarm rates and accuracy become the main subject to be addressed in measuring the effectiveness of IDS. Thus, the purpose of this work is to propose a classifier that is capable of reducing the false alarm rates and increase the accuracy of the detection system. This study applied Artifical Immune System (AIS) in IDS by introducing an improved AIS in IDS by integrating rough set theory (RST) with Artifical Immune Recognition System 1 (AIRS) algorithm (Rough-AIRS1) to categorize the DoS samples. RST is expected to be able to reduce the redundant features from huge amount of data that is capable to increase the performance of the classification. Furthermore, AIS is an incremental learning approach that will minimize duplications of cases in a knowledge based. It will be efficient in terms of memory storage and speed in searching for similarities in Intrusion Detection (IDS) attacks patterns. This study uses NSL-KDD 20% train dataset to test the classifiers. Then, the performances were compared with single AIRS1 and J48 algorithm. Results from these experiments showed that Rough-AIRS1 has lower number of false alarm rate compared to single AIRS but a little bit higher than J48. However, accuracy for this hybrid technique is lower compared to others due to higher memory cell replacement.