Intelligent zero-day intrusion detection framework for internet of things

- Khraisat, Ansam

Title
Intelligent zero-day intrusion detection framework for internet of things
Creator
Khraisat, Ansam
Date
2020
Type
Text; Thesis; PhD
Identifier
http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/179729
Identifier
vital:15656
Abstract
Zero-day intrusion detection system faces serious challenges as hundreds of thousands of new instances of malware are being created every day to cause harm or damage to the computer system. Cyber-attacks are becoming more sophisticated, leading to challenges in intrusion detection. There are many Intrusion Detection Systems (IDSs), which are proposed to identify abnormal activities, but most of these IDSs produce a large number of false positives and low detection accuracy. Hence, a significant quantity of false positives could generate a high-level of alerts in a short period of time as the normal activities are classified as intrusion activities. This thesis proposes a novel framework of hybrid intrusion detection system that integrates the Signature Intrusion Detection System (SIDS) with the Anomaly Intrusion Detection System (AIDS) to detect zero-day attacks with high accuracy. SIDS has been used to identify previously known intrusions, and AIDS has been applied to detect unknown zero-day intrusions. The goal of this research is to combine the strengths of each technique toward the development of a hybrid framework for the efficient intrusion detection system. A number of performance measures including accuracy, F-measure and area under ROC curve have been used to evaluate the efficacy of our proposed models and to compare and contrast with existing approaches. Extensive simulation results conducted in this thesis show that the proposed framework is capable of yielding excellent detection performance when tested with a number of widely used benchmark datasets in the intrusion detection system domain. Experiments show that the proposed hybrid IDS provides higher detection rate and lower false-positive rate in detecting intrusions as compared to the SIDS and AIDS techniques individually.; Doctor of Philosophy
Publisher
Federation University Australia
Rights
All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence
Rights
Copyright Ansam Khraisat
Rights
Open Access
Subject
Cyber security; Cybercriminals; Malicious software; Zero-day malware attacks; Intrusion Detection Systems
Full Text
Thesis Supervisor
Gondal, Iqbal
  • Hits: 876
  • Visitors: 877
  • Downloads: 111
Thumbnail File Description Size Format
SOURCE2 Australian Digital Thesis 6 MB Adobe Acrobat PDF