PROJECT SEMINAR
On
“Network Intrusion Detection using Genetic Algorithm”
Presented by:
HITESH KUMAR. P 4JN07CS027
SAGAR. U 4JN07CS070
SANDEEP TANTRY. K 4JN07CS072
SHARATH KUMAR. K 4JN07CS078
Under the Guidance of / Coordinators:
Chakrapani D.S [B.E, M.Tech], Lecturer, Dept of CSE
Chetan K. R [B.E, M.Tech], Sr. Lecturer, Dept of CSE
Poornima K.M [B.E, M.Tech], Asst. Professor, Dept of CSE
Jawaharlal Nehru National College of Engineering, Shimoga
Using Genetic algorithm for Network Intrusion Detection
A genetic-algorithm IDS detects intrusions based on the log history and on the intrusions that are likely to occur. In the genetic algorithm, each connection is treated as a “chromosome” made up of many “genes” (properties of the connection such as source IP, target IP, port no., protocol …). The fitness value of each such chromosome has to be computed to detect intrusion.
Contents
1. Introduction
1.1 Introduction to Intrusion Detection System(IDS).
1.2 Introduction to genetic algorithm.
2. Problem Specification
2.1 Major problems addressed.
2.2 Challenges faced.
2.3 Scope of the project.
3. Literature Survey
3.1 Features & Technology used.
3.2 Drawbacks & Solutions.
4. System Architecture
4.1 Workflow diagrams & Modules.
Introduction to Intrusion Detection System
Generate a new Population
Applications.
Military
Information security in some multinational agencies.
Intrusion Prevention System.
Significance.
Network traffic analysis.
Detection of various attacks.
Major problems
Security infrastructure.
Threats originating from outside.
Support Issues (OS, Platform)
Evaluation Parameters.
Challenges
Frequency vs Difficulty level.
Hacktivists or cyber terrorists
Deployment & Myths
Using IDS in fully switched networks
Interpreting all the data being presented
Encryption, VPN, Tunnels
Performance
Response team.
Scope
Combining knowledge from different sensors into a standard rule base.
Local Area Security.
Security purpose in main servers across the world.
Intelligent Intrusion Detection System (IIDS) is an ongoing project in Mississippi University.
Literature Survey
• “The Integration of security sensors into the Intelligent Intrusion Detection System (IIDS) in a cluster environment” by Li, Wei
– In this paper the author describes some methods to detect intrusion in a network.
• “Network Intrusion Detection” by Stephen Northcutt, Judy Novak
– In this book the authors describe some concepts related to networks and to intrusion detection.
• “Principles of Information Security” - Michael E. Whitman and Herbert J. Mattord
– In this book the authors describe the concepts of network security completely.
• “Genetic Algorithms with Dynamic Niche Sharing for Multimodal Function Optimization.” by Miller, Brad. L. and Michael J. Shaw.
– In this paper the authors describe the concepts of genetic algorithms and their applications (usage).
Applying Genetic Algorithm to IDS
• Genetic algorithms can be used to evolve simple rules for network traffic.
The rules stored in the rule base are usually in the following form:
if { condition } then { act }
E.g. if { the connection has the following information: source IP address: 124.12.5.18; destination IP address: 130.18.206.55; destination port number: 21; connection time: 10.1 seconds }
then { stop the connection }
Rule definition for connection and range of values of each field

Attribute | Range | Eg. Value | Description
Source IP | 0.0.0.0 – 255.255.255.255 | d1.0b.**.** (209.11.??.??) | A subnet with respective range of IP
Destination IP | 0.0.0.0 – 255.255.255.255 | 82.12.b*.** | A subnet with respective range of IP
Source Port no | 0 - 65535 | 42335 | Source Port no
Dest Port no | 0 - 65535 | 00080 | HTTP Service
Duration | 0 - 99999999 | 00000482 | Connection Duration
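The rule encoding above, worked through as an added example (not code from the seminar): connections become gene strings with hex IP digits and a 5-digit decimal destination port as in the table, `*` is the wildcard gene, and a small genetic algorithm evolves a rule from a log. The fitness formula, the omission of the source port and duration genes, the GA parameters and the sample log are assumptions made for the illustration.

```python
import random

def encode(conn):
    """(src_ip, dst_ip, dst_port) -> 21 genes: 8 hex + 8 hex + 5 decimal digits."""
    src, dst, port = conn
    hex_ip = lambda ip: "".join(f"{int(octet):02x}" for octet in ip.split("."))
    return hex_ip(src) + hex_ip(dst) + f"{port:05d}"

def matches(rule, conn):
    """A rule gene matches if it is the wildcard '*' or equals the connection's gene."""
    return all(r in ("*", g) for r, g in zip(rule, encode(conn)))

def fitness(rule, log):
    """Assumed fitness: attack detection rate minus false-positive rate."""
    attacks = [c for c, is_attack in log if is_attack]
    normals = [c for c, is_attack in log if not is_attack]
    tp = sum(matches(rule, c) for c in attacks)
    fp = sum(matches(rule, c) for c in normals)
    return tp / len(attacks) - fp / len(normals)

def evolve(log, generations=40, pop_size=30, seed=1):
    rng = random.Random(seed)
    seeds = [encode(c) for c, is_attack in log if is_attack]
    pop = [rng.choice(seeds) for _ in range(pop_size)]   # start from logged attacks
    for _ in range(generations):
        pop.sort(key=lambda r: fitness(r, log), reverse=True)
        parents = pop[: pop_size // 2]                    # selection, best rules kept
        children = []
        while len(parents) + len(children) < pop_size:
            a, b = rng.sample(parents, 2)
            cut = rng.randrange(1, len(a))                # one-point crossover
            child = list(a[:cut] + b[cut:])
            i = rng.randrange(len(child))                 # mutate one gene
            child[i] = rng.choice(["*", rng.choice(seeds)[i]])
            children.append("".join(child))
        pop = parents + children                          # generate a new population
    return max(pop, key=lambda r: fitness(r, log))

# Constructed sample log: ((src_ip, dst_ip, dst_port), is_attack)
LOG = [
    (("209.11.4.7", "130.18.206.55", 21), True),
    (("209.11.9.30", "130.18.206.55", 21), True),
    (("209.11.77.2", "130.18.180.3", 21), True),
    (("10.0.0.5", "130.18.206.55", 80), False),
    (("209.11.4.7", "130.18.206.55", 80), False),
    (("172.16.3.9", "130.18.206.55", 21), False),
]

if __name__ == "__main__":
    best = evolve(LOG)
    print(best, round(fitness(best, LOG), 3))
```

A rule that generalises to the whole subnet, such as `d10b****8212****00021`, scores 1.0 on this log, while an all-wildcard rule scores 0 because it also matches every normal connection.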
Li, Wei. 2002. “The integration of security sensors into the Intelligent Intrusion Detection System (IIDS) in a cluster environment.” Master’s Project Report. Department of Computer Science, Mississippi State University.
Miller, Brad. L. and Michael J. Shaw. 1996. “Genetic Algorithms with Dynamic Niche Sharing for Multimodal Function Optimization.” In Proceedings of IEEE International Conf. on Evolutionary Computation.
“Network Intrusion Detection” by Stephen Northcutt, Judy Novak (3rd edition).
“Principles of Information Security” - Michael E. Whitman and Herbert J. Mattord (2nd Edition).