Abstract :
Byline: Mahdi Mohammadi (1), Ahmad Akbari (2), Bijan Raahemi (1), Babak Nassersharif (3), Hassan Asgharian (2) Keywords: Network security; Anomaly detection; Artificial immune systems; Sample reduction; Parzen window estimation Abstract: In this paper, we propose anomaly based intrusion detection algorithms in computer networks using artificial immune systems, capable of learning new attacks. Unique characteristics and observations specific to computer networks are considered in developing faster algorithms while achieving high performance. Although these characteristics play a key role in the proposed algorithms, we believe they have been neglected in the previous related works. We evaluate the proposed algorithms on a number of well-known intrusion detection datasets, as well as two new real datasets extracted from the data networks for intrusion detection. We analyze the detection performance and learning capabilities of the proposed algorithms, in addition to performance criteria such as false alarm rate, detection rate, and response time. The experimental results demonstrate that the proposed algorithms exhibit fast response time, low false alarm rate, and high detection rate. They can also learn new attack patterns, and identify them the next time they are introduced to the network. Author Affiliation: (1) University of Ottawa, 55 Laurier Ave, E., Ottawa, ON, K1N 6N5, Canada (2) Department of Computer Engineering, Iran University of Science and Technology, University Road, Hengam Street, Resalat Square, Tehran, Iran (3) Electrical and Computer Engineering Department, K.N. Toosi University of Technology, Tehran, Iran Article History: Registration Date: 04/12/2013 Received Date: 03/04/2013 Accepted Date: 03/12/2013 Online Date: 25/12/2013