![](/images/graphics-bg.png)
Two level classifier based on anomaly artificial immune system
العناوين الأخرى
مصنف ثنائي المستوى مستند على الشروذ في الجهاز المناعي الاصطناعي
مقدم أطروحة جامعية
مشرف أطروحة جامعية
أعضاء اللجنة
Awdah, Jihad M.
al-Rababa, Mamun
Ubayd, Nadim Ali Miri
الجامعة
جامعة آل البيت
الكلية
كلية الأمير الحسين بن عبد الله لتكنولوجيا المعلومات
القسم الأكاديمي
قسم علوم الحاسوب
دولة الجامعة
الأردن
الدرجة العلمية
ماجستير
تاريخ الدرجة العلمية
2011
الملخص الإنجليزي
With the rapid growth of computer networks, data and network security has become an essential problem due to the increasing attempts of intrusion events.
Therefore, several methods are available to detect and eliminate intrusion attempts on computer system and networks.
Artificial Immune System (AIS), is a strong computational intelligence method inspired by biology immune system is an adaptive system, is used to provide protection for computer systems.
The function of biology immune system is to identify and categorize body cells into two groups.
The first is self named antibody which is part of a system used to detect and eliminate antigens, and the second is a non-self named antigen.
An antigen is synonymous with foreign attacks. Many researchers used AIS with an anomaly technique depend on the differences of packets presented in the parts of the protocol header, to overcome the weakness of Signature-based by pattern matching of known attack patterns. Motivated by the need to detect intrusions as soon as they happen, it is important to find detection antibodies that could be used to detect suspicious access and prevent accessing the system.
In this research, a genetic algorithm is used to reduce the clustered feature set, and generate detection antibodies.
The unrecognized access records are then fed to C4.5 algorithm (Decision Tree) to improve classification accuracy. Researchers suggest that employing features selected from NSL-KDD cup data to avoid redundant records which may cause learning algorithm bias [Tav09].
NSL-KDD contains 41 features and is labeled as either normal or an attack.
NSL-KDD cup have 22544 records. In this research, at first, NSL-KDD features are clustered using Kohonen neural network.
K-Means clustering algorithm used to classify or to group the dataset based on features into K number of group (K clusters) where K is a positive integer number equals 8 classes. The first classifier (the Genetic algorithm) trained with the clustered features by using the principles of selection and evolution producing several solutions to a given problem.
As a result, two Antibody rules are generated (that could recognize Normal and Antigen) applied on access records.
If the antibodies could not recognize the access record (either both antibodies were true or both were false), then the access record is labeled as unknown (unrecognized). The second classifier is used to developed rule generator, based on best features defined in the first classifier, using C4.5 algorithm decision tree.
Also, two Antibody rules are generated (that could recognize Normal and Antigen).
The generated antibodies are applied on the unknown access records to classify them.
In case the C4.5 could not recognize an access record (i.e.
the access record still unrecognized), unknown records are treated as Antigen. Cross validation is used for estimating the performance of the suggested model.
After applying the resulted two classifiers on the testing groups, the system accuracy reaches 99.9% in detection of Antigen.
Also as another result, the best features (the features involved in normal and attack antibodies) defined from Genetic algorithm (GA) are distinguished as important discrimination features.
التخصصات الرئيسية
تكنولوجيا المعلومات وعلم الحاسوب
الموضوعات
عدد الصفحات
95
قائمة المحتويات
Table of contents.
Abstract.
Chapter one : Preface.
Chapter two : Theoretical framework.
Chapter three : Development of suggested system.
Chapter four : Experimental results.
Chapter five : Conclusion and Future work.
References.
نمط استشهاد جمعية علماء النفس الأمريكية (APA)
al-Douri, Yamur Qahtan. (2011). Two level classifier based on anomaly artificial immune system. (Master's theses Theses and Dissertations Master). Al albayt University, Jordan
https://search.emarefa.net/detail/BIM-314945
نمط استشهاد الجمعية الأمريكية للغات الحديثة (MLA)
al-Douri, Yamur Qahtan. Two level classifier based on anomaly artificial immune system. (Master's theses Theses and Dissertations Master). Al albayt University. (2011).
https://search.emarefa.net/detail/BIM-314945
نمط استشهاد الجمعية الطبية الأمريكية (AMA)
al-Douri, Yamur Qahtan. (2011). Two level classifier based on anomaly artificial immune system. (Master's theses Theses and Dissertations Master). Al albayt University, Jordan
https://search.emarefa.net/detail/BIM-314945
لغة النص
الإنجليزية
نوع البيانات
رسائل جامعية
رقم السجل
BIM-314945
قاعدة معامل التأثير والاستشهادات المرجعية العربي "ارسيف Arcif"
أضخم قاعدة بيانات عربية للاستشهادات المرجعية للمجلات العلمية المحكمة الصادرة في العالم العربي
![](/images/ebook-kashef.png)
تقوم هذه الخدمة بالتحقق من التشابه أو الانتحال في الأبحاث والمقالات العلمية والأطروحات الجامعية والكتب والأبحاث باللغة العربية، وتحديد درجة التشابه أو أصالة الأعمال البحثية وحماية ملكيتها الفكرية. تعرف اكثر
![](/images/kashef-image.png)