A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Subjects: | |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-usim-ddms-12776 |
---|---|
record_format |
uketd_dc |
spelling |
my-usim-ddms-127762024-05-29T04:58:56Z A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis Mohammed Nadir bin Ali The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and money, security breaches, damage to software and hardware, the halt of normal operations, and damage to company reputation. In existing Intrusion Prevention Systems (IPSs), there is a high false positive rate, lack of conditional signature competence and inadequate standard intrusion classification to identify an intrusion. Therefore, there is a need for a new intrusion classification and an intrusion prevention model. Hence, this study aims to develop a new intrusion classification, and an enhanced model called the Network-based Intrusion Prevention System inspired by Apoptosis (NIPSA), by applying the conditional technique and apoptosis with the aim to achieve a better accuracy rate. The NIPSA model consists of the NIPSA Knowledge Discovery in Databases (KDD), the NIPSA intrusion classification, and the NIPSA intrusion apoptosis algorithm. Apoptosis is adapted from the human immunology system, a concept that has been integrated into the NIPSA model. Moreover, security metrics have been applied to assign weight and severity ranks and values, which act as input to trigger apoptosis. The CICIDS2017 dataset is used in this study, where the size of the training dataset and the testing dataset are 1183 and 788, respectively. The WEKA software was used to process the experimental data. Then, the proposed model in this study was evaluated by simulating it in WEKA using five different classification algorithms (SMO, J48, IBk, BayesNet, and Naïve-Bayes). The NIPSA model of intrusion classification based on the SMO algorithm produced results with an overall accuracy rate of 98.86%, 0.3% false positive rate, and 1.1% false negative rate. This result has been compared with a previous study and showed an improvement in false positive rate and false negative rate of 0.8% and 3.7%, respectively. As for the prevention part, an overall accuracy rate of 95.43% has been achieved by applying apoptosis to the proposed model. The results of this study could serve as a benchmark against future works in this field. Universiti Sains Islam Malaysia 2019-10 Thesis en https://oarep.usim.edu.my/handle/123456789/12776 https://oarep.usim.edu.my/bitstreams/97dc892b-1f14-43db-9e81-6ddfb283f434/download 8a4605be74aa9ea9d79846c1fba20a33 Cyber-attacks Security systems Security and privacy |
institution |
Universiti Sains Islam Malaysia |
collection |
USIM Institutional Repository |
language |
English |
topic |
Cyber-attacks Security systems Security and privacy |
spellingShingle |
Cyber-attacks Security systems Security and privacy Mohammed Nadir bin Ali A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
description |
The burgeoning growth of cyber-attacks, which have become more difficult to confine,
has made intrusions much harder to detect and prevent. The development of technology
has gradually encouraged the advent of more sophisticated intrusions, which generally
cause the loss of critical data, time and money, security breaches, damage to software
and hardware, the halt of normal operations, and damage to company reputation. In
existing Intrusion Prevention Systems (IPSs), there is a high false positive rate, lack of
conditional signature competence and inadequate standard intrusion classification to
identify an intrusion. Therefore, there is a need for a new intrusion classification and an
intrusion prevention model. Hence, this study aims to develop a new intrusion
classification, and an enhanced model called the Network-based Intrusion Prevention
System inspired by Apoptosis (NIPSA), by applying the conditional technique and
apoptosis with the aim to achieve a better accuracy rate. The NIPSA model consists of
the NIPSA Knowledge Discovery in Databases (KDD), the NIPSA intrusion
classification, and the NIPSA intrusion apoptosis algorithm. Apoptosis is adapted from
the human immunology system, a concept that has been integrated into the NIPSA
model. Moreover, security metrics have been applied to assign weight and severity
ranks and values, which act as input to trigger apoptosis. The CICIDS2017 dataset is
used in this study, where the size of the training dataset and the testing dataset are 1183
and 788, respectively. The WEKA software was used to process the experimental data.
Then, the proposed model in this study was evaluated by simulating it in WEKA using
five different classification algorithms (SMO, J48, IBk, BayesNet, and Naïve-Bayes).
The NIPSA model of intrusion classification based on the SMO algorithm produced
results with an overall accuracy rate of 98.86%, 0.3% false positive rate, and 1.1% false
negative rate. This result has been compared with a previous study and showed an
improvement in false positive rate and false negative rate of 0.8% and 3.7%,
respectively. As for the prevention part, an overall accuracy rate of 95.43% has been
achieved by applying apoptosis to the proposed model. The results of this study could
serve as a benchmark against future works in this field. |
format |
Thesis |
author |
Mohammed Nadir bin Ali |
author_facet |
Mohammed Nadir bin Ali |
author_sort |
Mohammed Nadir bin Ali |
title |
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
title_short |
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
title_full |
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
title_fullStr |
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
title_full_unstemmed |
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis |
title_sort |
new model for network-based intrusion prevention system inspired by apoptosis |
granting_institution |
Universiti Sains Islam Malaysia |
_version_ |
1812444882602557440 |