Implementation of hybrid artificial intelligence technique to detect covert channels in new generation network protocol IPv6

Part of book or chapter of book English OPEN
Salih, A ; Ma, X ; Peytchev, E (2017)

Intrusion detection systems offer monolithic way to detect attacks through monitoring, searching for abnormal characteristics and malicious behavior in network communications. Cyber-attack is performed through using covert channel which currently, is one of the most sophisticated challenges facing network security systems. \ud Covert channel is used to ex/infiltrate classified information from legitimate targets, consequently, this \ud manipulation violates network security policy and privacy. The New Generation Internet Protocol version 6 (IPv6) has certain security vulnerabilities and need to be addressed using further advanced techniques. Fuzzy rule is implemented to classify different network attacks as an advanced machine learning technique, meanwhile, \ud Genetic algorithm is considered as an optimization technique to obtain the ideal fuzzy rule. This paper suggests a novel hybrid covert channel detection system implementing two Artificial Intelligence (AI) techniques; Fuzzy Logic and Genetic Algorithm (FLGA) to gain sufficient and optimal detection rule against covert channel. Our \ud approach counters sophisticated network unknown attacks through an advanced analysis of deep packet inspection. Results of our suggested system offer high detection rate of 97.7% and a better performance in comparison to previous tested techniques.
  • References (20)
    20 references, page 1 of 2

    Bahaman, N., Anton Satria, P., & Mas' ud, Z. (2011). Implementation of IPv6 network testbed: Intrusion detection system on transition mechanism. Journal of Applied Sciences, 11(1), 118-124.

    Chen, S. H., Jakeman, A. J., & Norton, J. P. (2008). Artificial intelligence techniques: an introduction to their use for modelling environmental systems. Mathematics and Computers in Simulation, 78(2), 379-400.

    Choudhary, A. R. (2009, November). In-depth analysis of IPv6 security posture. In 2009 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing.

    Fries, T. P. (2008, July). A fuzzy-genetic approach to network intrusion detection. In Proceedings of the 10th annual conference companion on Genetic and evolutionary computation (pp. 2141-2146). ACM.

    Gomez, J., & Dasgupta, D. (2002, June). Evolving fuzzy classifiers for intrusion detection. In Proceedings of the 2002 IEEE Workshop on Information Assurance (Vol. 6, No. 3, pp. 321-323). New York: IEEE Computer Press.

    Hoque, M. S., Mukit, M., Bikas, M., & Naser, A. (2012). An implementation of intrusion detection system using genetic algorithm. ArXiv preprint arXiv: 1204.1336.

    Jongsuebsuk, P., Wattanapongsakorn, N., & Charnsripinyo, C. (2013, January). Network intrusion detection with Fuzzy Genetic Algorithm for unknown attacks. In Information Networking (ICOIN), 2013 International Conference on (pp. 1-5). IEEE.

    Liu, Z., & Lai, Y. (2009). A data mining framework for building intrusion detection models based on IPv6. In Advances in Information Security and Assurance (pp. 608-618). Springer Berlin Heidelberg.

    Mahoney, M. V., & Chan, P. K. (2003, September). An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection. InRecent Advances in Intrusion Detection (pp. 220-237). Springer Berlin Heidelberg.

    Marc, Hauser. (2013).”IPv6 Security Vulnerabilities” Available https://www.thc.org/thc-ipv6 . Accessed 10 Feb 2016.

  • Metrics
    0
    views in OpenAIRE
    0
    views in local repository
    112
    downloads in local repository

    The information is available from the following content providers:

    From Number Of Views Number Of Downloads
    Institutional Repository - IRUS-UK 0 112
Share - Bookmark