A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis

The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and...

Full description

Saved in:
Bibliographic Details
Main Author: Mohammed Nadir bin Ali
Format: Thesis
Language:English
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-usim-ddms-12776
record_format uketd_dc
spelling my-usim-ddms-127762024-05-29T04:58:56Z A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis Mohammed Nadir bin Ali The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and money, security breaches, damage to software and hardware, the halt of normal operations, and damage to company reputation. In existing Intrusion Prevention Systems (IPSs), there is a high false positive rate, lack of conditional signature competence and inadequate standard intrusion classification to identify an intrusion. Therefore, there is a need for a new intrusion classification and an intrusion prevention model. Hence, this study aims to develop a new intrusion classification, and an enhanced model called the Network-based Intrusion Prevention System inspired by Apoptosis (NIPSA), by applying the conditional technique and apoptosis with the aim to achieve a better accuracy rate. The NIPSA model consists of the NIPSA Knowledge Discovery in Databases (KDD), the NIPSA intrusion classification, and the NIPSA intrusion apoptosis algorithm. Apoptosis is adapted from the human immunology system, a concept that has been integrated into the NIPSA model. Moreover, security metrics have been applied to assign weight and severity ranks and values, which act as input to trigger apoptosis. The CICIDS2017 dataset is used in this study, where the size of the training dataset and the testing dataset are 1183 and 788, respectively. The WEKA software was used to process the experimental data. Then, the proposed model in this study was evaluated by simulating it in WEKA using five different classification algorithms (SMO, J48, IBk, BayesNet, and Naïve-Bayes). The NIPSA model of intrusion classification based on the SMO algorithm produced results with an overall accuracy rate of 98.86%, 0.3% false positive rate, and 1.1% false negative rate. This result has been compared with a previous study and showed an improvement in false positive rate and false negative rate of 0.8% and 3.7%, respectively. As for the prevention part, an overall accuracy rate of 95.43% has been achieved by applying apoptosis to the proposed model. The results of this study could serve as a benchmark against future works in this field. Universiti Sains Islam Malaysia 2019-10 Thesis en https://oarep.usim.edu.my/handle/123456789/12776 https://oarep.usim.edu.my/bitstreams/97dc892b-1f14-43db-9e81-6ddfb283f434/download 8a4605be74aa9ea9d79846c1fba20a33 Cyber-attacks Security systems Security and privacy
institution Universiti Sains Islam Malaysia
collection USIM Institutional Repository
language English
topic Cyber-attacks
Security systems
Security and privacy
spellingShingle Cyber-attacks
Security systems
Security and privacy
Mohammed Nadir bin Ali
A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
description The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and money, security breaches, damage to software and hardware, the halt of normal operations, and damage to company reputation. In existing Intrusion Prevention Systems (IPSs), there is a high false positive rate, lack of conditional signature competence and inadequate standard intrusion classification to identify an intrusion. Therefore, there is a need for a new intrusion classification and an intrusion prevention model. Hence, this study aims to develop a new intrusion classification, and an enhanced model called the Network-based Intrusion Prevention System inspired by Apoptosis (NIPSA), by applying the conditional technique and apoptosis with the aim to achieve a better accuracy rate. The NIPSA model consists of the NIPSA Knowledge Discovery in Databases (KDD), the NIPSA intrusion classification, and the NIPSA intrusion apoptosis algorithm. Apoptosis is adapted from the human immunology system, a concept that has been integrated into the NIPSA model. Moreover, security metrics have been applied to assign weight and severity ranks and values, which act as input to trigger apoptosis. The CICIDS2017 dataset is used in this study, where the size of the training dataset and the testing dataset are 1183 and 788, respectively. The WEKA software was used to process the experimental data. Then, the proposed model in this study was evaluated by simulating it in WEKA using five different classification algorithms (SMO, J48, IBk, BayesNet, and Naïve-Bayes). The NIPSA model of intrusion classification based on the SMO algorithm produced results with an overall accuracy rate of 98.86%, 0.3% false positive rate, and 1.1% false negative rate. This result has been compared with a previous study and showed an improvement in false positive rate and false negative rate of 0.8% and 3.7%, respectively. As for the prevention part, an overall accuracy rate of 95.43% has been achieved by applying apoptosis to the proposed model. The results of this study could serve as a benchmark against future works in this field.
format Thesis
author Mohammed Nadir bin Ali
author_facet Mohammed Nadir bin Ali
author_sort Mohammed Nadir bin Ali
title A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
title_short A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
title_full A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
title_fullStr A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
title_full_unstemmed A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
title_sort new model for network-based intrusion prevention system inspired by apoptosis
granting_institution Universiti Sains Islam Malaysia
_version_ 1812444882602557440