IJCNIS Vol. 12, No. 2, 8 Apr. 2020
Cover page and Table of Contents: PDF (size: 740KB)
Full Text (PDF, 740KB), PP.32-40
Views: 0 Downloads: 0
Intrusion, IDS, SIDS, AIDS, port scan, Naive Bayes classifier, potential port number
The rapid development of information technology has also accompanied by an increase in activities classified as dangerous and irresponsible, such as information theft. In the field of network systems, this kind of activity is called intrusion. Intrusion Detection System (IDS) is a system that prevents intrusion and protecting both hosts and network assets. At present, the development of various techniques and methods for implementing IDS is a challenge, along with the increasing pattern of intrusion activities. The various methods used in IDS have generally classified into two types, namely Signature-Based Intrusion Detection System (SIDS) and the Anomaly-Based Intrusion Detection System (AIDS).
When a personal computer (PC) connected to the Internet, a malicious attacker tries to enter and exploit it. One of the most commonly used techniques in accessing open ports which are the door for applications and services that use connections in TCP/IP networks. Open ports indicate a particular process where the server provides certain services to clients and vice versa.
This study applies the Naïve Bayes classifier to predict port numbers that have the potential to change activity status from "close" to "open" and vice versa. Predictable potential port numbers can be a special consideration for localizing monitoring activities in the future. The method applied is classified as AIDS because it based on historical data of port activity obtained through the port scan process, regardless of the type of attack. Naïve Bayes classifier is determined to have two event conditions that predict the occurrence of specific port numbers when they occur in specified duration and activity status. The study results have shown a 70% performance after being applied to selected test data.
Rheo Malani, Arief Bramanto Wicaksono Putra, Muhammad Rifani, "Implementation of the Naive Bayes Classifier Method for Potential Network Port Selection", International Journal of Computer Network and Information Security(IJCNIS), Vol.12, No.2, pp.32-40, 2020. DOI: 10.5815/ijcnis.2020.02.04
[1] A. Khraisat, I. Gondal, P. Vamplew et al., “Survey of intrusion detection systems: techniques, datasets and challenges,” Cybersecurity, vol. 2, no. 1, 2019.
[2] W. Alhakami, “Alerts Clustering for Intrusion Detection Systems: Overview and Machine Learning Perspectives,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 10, no. 5, 2019.
[3] R. Bogdan, “ Detecting Malicious Codes: A Signature-Based Solution,” International Conference on Computer and Software Modeling, IACSIT Press, Singapore, 2011.
[4] P. H, A. A, J. M et al., “Signature-Based IDS for Software-Defined Networking,” International Journal of Science, Engineering and Technology Research (IJSETR), vol. 7, no. 9, 2018.
[5] P. P. Ioulianou, V. G. Vassilakis, I. D. Moscholios et al., “A Signature-based Intrusion Detection System for the Internet of Things,” White Rose Research Online, University of York, 2018.
[6] V. Kumar, and D. O. P. Sangwan, “Signature Based Intrusion Detection System Using SNORT,” International Journal of Computer Applications & Information Technology, vol. I, no. III, 2012.
[7] N. Mastorakis, A. Andreatos, V. Moussas et al., “A Novel Intrusion Detection System Based on Neural Networks,” MATEC Web of Conferences, vol. 292, pp. 03017, 2019.
[8] W. Meng, W. Li, C. Su et al., “Enhancing Trust Management for Wireless Intrusion Detection via Traffic Sampling in the Era of Big Data,” IEEE Access, vol. 6, pp. 7234-7243, 2018.
[9] Prof.D.P.Gaikwad, P. Pabshettiwar, P. Musale et al., “A Proposal for Implementation of Signature Based Intrusion Detection System Using Multithreading Technique,” International Journal Of Computational Engineering Research, vol. 2, no. 7, 2012.
[10] N. Sameera, and M. Shashi, “Transfer Learning Based Prototype for Zero-Day Attack Detection,” International Journal of Engineering and Advanced Technology (IJEAT), vol. 8, no. 4, 2019.
[11] S. N. Shah, and M. P. Singh, “Signature-Based Network Intrusion Detection System Using SNORT And WINPCAP ” International Journal of Engineering Research & Technology (IJERT), vol. 1, no. 10, 2012.
[12] Thamizharasi.E, and P.Salini, “Survey on Fuzzy Based Extreme Learning Machine for Intrusion Detection ” IOSR Journal of Engineering (IOSR JEN), pp. 69-76, 2019.
[13] S. Aljawarneh, M. Aldwairi, and M. B. Yassein, “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” Journal of Computational Science, vol. 25, pp. 152-160, 2018.
[14] S. K. Amrita, “Machine Learning and Feature Selection Approach for Anomaly based Intrusion Detection: A Systematic Novice Approach ” International Journal of Innovative Technology and Exploring Engineering (IJITEE), vol. 8, no. 6S, 2019.
[15] S. Jose, D. Malathi, B. Reddy et al., “A Survey on Anomaly Based Host Intrusion Detection System,” Journal of Physics: Conference Series, vol. 1000, pp. 012049, 2018.
[16] S. Khonde, and U. Venugopal, “Hybrid Architecture for Distributed Intrusion Detection System,” Ingénierie des systèmes d information, vol. 24, no. 1, pp. 19-28, 2019.
[17] H. Li, F. Wei, and H. Hu, “Enabling Dynamic Network Access Control with Anomaly-based IDS and SDN,” SDN/NFV Security Architecture, Association for Computing Machinery (ACM), https://doi.org/10.1145/3309194.3309199, pp. 13-16, 2019.
[18] E. Nikolova, and V. Jecheva, “Applications of Clustering Methods to Anomaly-Based Intrusion Detection Systems,” 8th International Conference on Database Theory and Application, Jeju, South Korea, pp. 37-41, 2015.
[19] Z. Rustam, and A. S. Talita, “Fuzzy Kernel Robust Clustering for Anomaly based Intrusion Detection ” Third International Conference on Informatics and Computing (ICIC), Palembang, Indonesia, Indonesia, IEEE, 2018.
[20] B. A. Tama, M. Comuzzi, and K.-H. Rhee, “TSE-IDS: A Two-Stage Classifier Ensemble for Intelligent Anomaly-based Intrusion Detection System,” IEEE Access, vol. 7, 2019.
[21] N. T. T. Van, and T. N. Thinh, “Accelerating Anomaly-Based IDS Using Neural Network on GPU,” 2015 International Conference on Advanced Computing and Applications, Ho Chi Minh City, Vietnam, pp. 67-74, 2015.
[22] F. Wang, H. Zhu, B. Tian et al., “A HMM-based method for Anomaly Detection,” 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology, Shenzhen, China, 2011.
[23] C. Young, H. Olufowobi, G. Bloom et al., “Automotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes,” Association for Computing Machinery (ACM ), https://doi.org/10.1145/3309171.3309179, pp. 9-14, 2019.
[24] D. AKSU, and M. A. AYDIN, “Detecting Port Scan Attempts with ComparativeAnalysis of Deep Learning and Support VectorMachine Algorithms,” 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), ANKARA, Turkey, Turkey, IEEE, 2018.
[25] M. Al-Qatf, Y. Lasheng, M. Al-Habib et al., “Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection,” IEEE Access, vol. 6, pp. 52843-52856, 2018.
[26] G. Karatas, O. Demir, and O. K. Sahingoz, “Deep Learning in Intrusion Detection Systems,” 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), ANKARA, Turkey, Turkey, IEEE, 2018.
[27] S. M. Kasongo, and Y. Sun, “A Deep Learning Method With Filter Based Feature Engineering for Wireless Intrusion Detection System,” IEEE Access, vol. 7, pp. 38597-38607, 2019.
[28] Navaporn, Chockwanich, Vasaka et al., “Intrusion Detection by Deep Learning with TensorFlow,” 2019 21st International Conference on Advanced Communication Technology (ICACT), PyeongChang Kwangwoon_Do, Korea (South), IEEE, 2019.
[29] S. Otoum, B. Kantarci, and H. T. Mouftah, “On the Feasibility of Deep Learning in Sensor Network Intrusion Detection,” IEEE Networking Letters, vol. 1, no. 2, pp. 68-71, 2019.
[30] S. ustebay, Z. Turgut, and M. A. Aydin, “Intrusion Detection System with Recursive Feature Elimination by using Random Forest and Deep Learning Classifier,” 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), ANKARA, Turkey, Turkey, IEEE, 2018.
[31] R. Vinayakumar, M. Alazab, K. P. Soman et al., “Deep Learning Approach for Intelligent Intrusion Detection System,” IEEE Access, vol. 7, pp. 41525-41550, 2019.
[32] W. Wang, Y. Sheng, J. Wang et al., “HAST-IDS: Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection,” IEEE Access, vol. 6, pp. 1792-1806, 2018.
[33] G. Spathoulas, N. Giachoudis, G.-P. Damiris et al., “Collaborative Blockchain-Based Detection of Distributed Denial of Service Attacks Based on Internet of Things Botnets,” Future Internet, vol. 11, no. 11, pp. 226, 2019.
[34] F. Gont, Security Assessment of the Transmission Control Protocol (TCP), United Kingdom: Centre for the Protection of National Infrastructure (CPNI), 2009.
[35] F.-H. Hsu, Y.-L. Hwang, C.-Y. Tsai et al., “TRAP: A Three-Way Handshake Server for TCP Connection Establishment,” Applied Sciences, vol. 6, no. 11, pp. 358, 2016.
[36] M. J. Evans, and J. r. S. Rosenthal, Probability and Statistics, The Science of Uncertainty - Second Edition, Toronto, 2009.