Please use this identifier to cite or link to this item: http://ddms.usim.edu.my:80/jspui/handle/123456789/20603
Title: A New Model For Network-Based Intrusion Prevention System Inspired By Apoptosis
Authors: Mohammed Nadir Ali
Keywords: Cyber-attacks
Technology
Issue Date: Oct-2019
Publisher: Universiti Sains Islam Malaysia
Abstract: The burgeoning growth of cyber-attacks, which have become more difficult to confine, has made intrusions much harder to detect and prevent. The development of technology has gradually encouraged the advent of more sophisticated intrusions, which generally cause the loss of critical data, time and money, security breaches, damage to software and hardware, the halt of normal operations, and damage to company reputation. In existing Intrusion Prevention Systems (IPSs), there is a high false positive rate, lack of conditional signature competence and inadequate standard intrusion classification to identify an intrusion. Therefore, there is a need for a new intrusion classification and an intrusion prevention model. Hence, this study aims to develop a new intrusion classification, and an enhanced model called the Network-based Intrusion Prevention System inspired by Apoptosis (NIPSA), by applying the conditional technique and apoptosis with the aim to achieve a better accuracy rate. The NIPSA model consists of the NIPSA Knowledge Discovery in Databases (KDD), the NIPSA intrusion classification, and the NIPSA intrusion apoptosis algorithm. Apoptosis is adapted from the human immunology system, a concept that has been integrated into the NIPSA model. Moreover, security metrics have been applied to assign weight and severity ranks and values, which act as input to trigger apoptosis. The CICIDS2017 dataset is used in this study, where the size of the training dataset and the testing dataset are 1183 and 788, respectively. The WEKA software was used to process the experimental data. Then, the proposed model in this study was evaluated by simulating it in WEKA using five different classification algorithms (SMO, J48, IBk, BayesNet, and Naïve-Bayes). The NIPSA model of intrusion classification based on the SMO algorithm produced results with an overall accuracy rate of 98.86%, 0.3% false positive rate, and 1.1% false negative rate. This result has been compared with a previous study and showed an improvement in false positive rate and false negative rate of 0.8% and 3.7%, respectively. As for the prevention part, an overall accuracy rate of 95.43% has been achieved by applying apoptosis to the proposed model. The results of this study could serve as a benchmark against future works in this field.
URI: http://ddms.usim.edu.my:80/jspui/handle/123456789/20603
Appears in Collections:Ph.D

Files in This Item:
File Description SizeFormat 
4150169 - INTRODUCTION.pdf507.94 kBAdobe PDFView/Open
4150169 - CHAPTER 1.pdf6.1 MBAdobe PDFView/Open
4150169 - CHAPTER 2.pdf856.61 kBAdobe PDFView/Open
4150169 - CHAPTER 3.pdf1.55 MBAdobe PDFView/Open
4150169 - CHAPTER 4.pdf1.97 MBAdobe PDFView/Open
4150169 - CHAPTER 5.pdf757.76 kBAdobe PDFView/Open
4150169 - CHAPTER 6.pdf33.92 kBAdobe PDFView/Open
4150169 - REFERENCES.pdf306.58 kBAdobe PDFView/Open
4150169 - APPENDICES.pdf2.36 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.