Comparison of Detection Performance of Intrusion Detection System Using Fuzzy and Artificial Neural Network

  • Yang, Eun-Mok (School of Software, Soongsil University)
  • Lee, Hak-Jae (Dept. of Electronics and Computer Engineering, Chonnam National University)
  • Seo, Chang-Ho (Dept. of Applied Mathematics, Kongju National University)
  • Received : 2017.04.14
  • Accepted : 2017.06.20
  • Published : 2017.06.28

Abstract

This paper compares the performance of "Network Intrusion Detection System based on attack feature selection using fuzzy control language" [1] and "Intelligent Intrusion Detection System Model for attack classification using RNN" [2]. The intrusion detection performance of the two techniques is compared using the KDD CUP 99 dataset [3]. The KDD CUP 99 dataset contains a training dataset and a test dataset for checking whether existing intrusions can be detected after training. It also contains data for testing whether intrusion types that are not present in the training and test data can be detected. We compared two papers that show good intrusion detection performance on the training and test data. The comparison shows that performance in detecting existing intrusions is strong, but performance in detecting previously nonexistent intrusions is lacking. Among the attack types, DoS, Probe, and R2L have a higher detection rate using fuzzy, and U2L has a higher detection rate using RNN.

References

  1. S. Ramakrishnan, S. Devaraju "Attack's Feature Selection-Based Network Intrusion Detection System Using Fuzzy Control Language" International Journal of Fuzzy Systems, 2016, 1-13.
  2. R. Bala Krishnan, N. R. Raajan "An Intellectual Intrusion Detection System Model for Attacks Classification using RNN" International Journal of Pharmacy & Technology, Vol. 8, No. 4, pp. 23157-23164
  3. KDD Cup 1999 Intrusion detection data: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  4. Chirag Modi, Dhiren Patel, Bhavesh Borissaniya, Hiren Patel, Avi Patel, Muttukrishnan Rajarajan, "A Survey of intrusion Detection techniques in Cloud", Journal of Network and Computer Application, Vol. 36, pp. 42-57, 2013. https://doi.org/10.1016/j.jnca.2012.05.003
  5. Saniee A. M., Mohamadi, H., Habibi, J.: Design and analysis of genetic fuzzy systems for intrusion detection in computer networks. Expert Syst. Appl 38, 7067-7075 (2011) https://doi.org/10.1016/j.eswa.2010.12.006
  6. Wang, G., Hao, J., Ma, H., Huang, "A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering", Elsevier Expert Syst. Appl. Vol. 37, pp. 6225-6232, 2010. https://doi.org/10.1016/j.eswa.2010.02.102
  7. Sheikhan, M., Jadidi, Z., Farrokhi, H., "A Intrusion detection using reduced-size RNN based on feature grouping", Neural Comput., Vol. 21, No. 6, pp. 1185-1190, 2010.
  8. Cingolani P.: jFuzzyLogic: open source fuzzy logic library and FCL language implementation (fcl code). http://jfuzzylogic.sourceforge.net/html/example_fcl.html
  9. Gupta, K.K., Nath, B., Kotagiri, R., "Layered approach using conditional random fields for intrusion detection", IEEE Trans. Dependable Sec. Comput., No. 7, Vol. 1, pp. 35-49, 2010. https://doi.org/10.1109/TDSC.2008.20
  10. Wei, N., Di, H., "A probability approach to anomaly detection with twin support vector machines", J. Shanghai Jiaotong Univ. (Sci.), Vol. 15, No. 4, pp. 385-391, 2010. https://doi.org/10.1007/s12204-010-1021-3
  11. Devaraju, S., Ramakrishnan, S., "Performance analysis of intrusion detection system using various neural network classifiers", IEEE Proc. Int. Conf. Recent Trends Info. Tech., No. 4, pp. 35-312, 2011.
  12. Anuar, N.B., Sallehudin, H., Gani, A., Zakari, O., "Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree", Malays. J. Comput. Sci., Vol. 21, No. 2, pp. 101-115, 2008. https://doi.org/10.22452/mjcs.vol21no2.3
  13. Devaraju, S., Ramakrishnan, S., "Performance comparison for intrusion detection system using neural network with KDD dataset", ICTACT J. Soft Comput. Vol. 4, No. 3, pp. 743-752, 2014. https://doi.org/10.21917/ijsc.2014.0106
  14. Jiang, M., Gan, Z., Wang, C., Wang, Z., "Research of the intrusion detection model based on data mining", Elsevier Energy Proc Vol. 13, pp. 855-863, 2011. https://doi.org/10.1016/S1876-6102(14)00454-8
  15. Tajbakhsh, A., Rahmati, M., Mirzaei, A., "Intrusion detection using fuzzy association rules", Elsevier Appl. Soft Comput. Vol. 9, pp. 462-469, 2009. https://doi.org/10.1016/j.asoc.2008.06.001
  16. Hyung-Jin Mun, Yooncheol Hwang, Ho-Yeob Kim, "Countermeasure for Prevention and Detection against Attacks to SMB Information System - A Survey," Journal of IT Convergence Society for SMB, Vol. 5, No. 2, pp. 1-6, 2015
  17. Miyea Shin, Sunghyuck Hong, "A Defending Method Against DDoS Attacks With Router Control," Journal of IT Convergence Society for SMB, Vol. 5, No. 1, pp. 21-26, 2015
  18. You-Dong Yun, "Development of Smart Senior Classification Model based on Activity Profile Using Machine Learning Method", Journal of the Korea Convergence Society, Vol. 8. No. 1, pp. 25-34, 2017. https://doi.org/10.15207/JKCS.2017.8.1.025
  19. Myung-Seong Yim, "Development of Measures of Information Security Policy Effectiveness To Maximize the Convergence Security", Journal of the Korea Convergence Society, Vol. 5, No. 4, pp. 27-32, 2014. https://doi.org/10.15207/JKCS.2014.5.4.027