Research Article

A Cache Oblivious based GA Solution for Clustering Problem in IDS

by Vignesh R, Ganesh B, Aarthi G, Iyswarya N
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 1 - Issue 11
Published: February 2010
DOI: 10.5120/235-389

Vignesh R, Ganesh B, Aarthi G, Iyswarya N. A Cache Oblivious based GA Solution for Clustering Problem in IDS. International Journal of Computer Applications. 1, 11 (February 2010), 82-86. DOI=10.5120/235-389

Abstract

In this paper we present an efficient solution for eliminating false positives in intrusion detection systems using a parallelized version of the Genetic Algorithm. The genetic algorithm uses selection, mutation and crossover operations, eliminating most of the false positives in a reasonable time. Almost all existing versions are sequential and do not exploit the capabilities of newer multiprocessors or distributed systems. By parallelizing genetic operations in the context of intrusion detection systems we reduce the total complexity. This parallelized approach gives a better solution than the sequential one by taking advantage of the parallel architecture. We propose the use of a cache oblivious technique in our algorithm to provide efficient memory transfers. The complexity of this algorithm is $O\left((N/B)\log_{M/B} N^{1/3}/3 + N^{1/3}\right)$, which is much lower than that of other sorting algorithms.

Index Terms
Computer Science
Information Sciences
Keywords

Cache Oblivious, Clustering, Genetic algorithm, False Positive, Funnel Sort
