A genetic-based intelligent intrusion detection system

2005
Özbey, Halil
In this study we address the problem of detecting new types of intrusions to computer systems which cannot be handled by widely implemented knowledge-based mechanisms. The solutions offered by behavior-based prototypes either suffer from low accuracy and low completeness or require the use of data explaining abnormal behavior, which is not actually available. Our aim is to develop an algorithm which can produce a satisfactory model of the target system's behavior in the absence of negative data. First, we design and develop an intelligent and behavior-based detection mechanism using genetic-based machine learning techniques with subsidies in the Bucket Brigade Algorithm. It classifies the possible system states as normal or abnormal and interprets abnormal state observations as evidence for the presence of an intrusion. Next, we provide another algorithm which focuses on capturing the normal behavior of the target system to detect intrusions, again by identifying anomalies. A compact and highly complete rule set is generated by continuously inserting observed states as rules into the rule set and combining similar rule pairs in each step. Experiments conducted using the KDD-99 data set have produced fairly good results for both of the algorithms.

Citation Formats
H. Özbey, “A genetic-based intelligent intrusion detection system,” M.S. - Master of Science, Middle East Technical University, 2005.