Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Information Journal Paper

Title

A New Approach to Network Intrusion Detection Based on Hybrid Methods

Pages

  79-93

Abstract

 The role of intrusion detection systems in network anomaly detection is considered significant. New and unknown attacks have shown that signature-based detection methods are inefficient, and have drawn attention to anomaly-based detection methods. Despite their great ability in anomaly detection, these methods suffer from a high false-alarm rate. The idea of hybrid intrusion detection systems was therefore developed to reduce the false-alarm rate. In this paper, we propose a four-layered model based on hybrid methods. The first layer consists of data flow analysis and service type classification modules. The service type classifier uses both an n-gram-based statistical technique and an evolutionary algorithm. In the intrusion detection layer, a signature-based module and several anomaly-based detection modules have been implemented with hybrid methods. These specific detection modules are called according to the type of service identified by the first layer. The decision-making layer is then called based on the results of the intrusion detection process. This layer identifies the nature of the attack and the type of response, and then calls the event management layer. In this layer, the network administrator is notified appropriately, and responsive actions are managed if needed. Applying the cross-validation method shows that intrusion detection has been improved and, as a result, the false-alarm rate has been reduced.

Cite

    APA:

    PARSA, S., & Aarabi, S.H.R. (2017). A New Approach to Network Intrusion Detection Based on Hybrid Methods. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 5(3 (19)), 79-93. SID. https://sid.ir/paper/243092/en

    Vancouver:

    PARSA S., Aarabi S.H.R. A New Approach to Network Intrusion Detection Based on Hybrid Methods. JOURNAL OF ELECTRONIC AND CYBER DEFENCE [Internet]. 2017;5(3 (19)):79-93. Available from: https://sid.ir/paper/243092/en

    IEEE:

    S. PARSA and S.H.R. Aarabi, “A New Approach to Network Intrusion Detection Based on Hybrid Methods,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 5, no. 3 (19), pp. 79–93, 2017, [Online]. Available: https://sid.ir/paper/243092/en
