Download - 3ppt
![Page 1: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/1.jpg)
NETWORK INTRUSION DETECTION NETWORK INTRUSION DETECTION SYSTEM SYSTEMUSING USING
GENETIC ALGORITHMGENETIC ALGORITHM
By:By:
S.MounikaS.Mounika
III-MCA(V-SEMIII-MCA(V-SEM))
091FD01036091FD01036
![Page 2: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/2.jpg)
ABSTRACTABSTRACT
The Project “Network Intrusion Detection Systems Using Genetic Algorithm” contains a brief overview of Intrusion Detection System (IDS), Genetic Algorithm (GA), and related detection techniques. This is helpful for identification of complex anomalous behaviors.
![Page 3: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/3.jpg)
EXISTING SYSTEMEXISTING SYSTEM
The rules in the dataset are static unless the network administrator manually enters the rules. It does not provide any option for generating dynamic rule set. It requires manual energy to monitor the Inflowing packets and analyze their behavior .
![Page 4: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/4.jpg)
DISADVANTAGESDISADVANTAGES
They are complexThey are rules dependentThey are manual.It cannot take decisions in runtime.It cannot create its own rule depending on the
current situation.
![Page 5: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/5.jpg)
PROPOSED SYSTEMPROPOSED SYSTEM
It is an artificial intelligence based problem-solving system. It includes both temporal and spatial information of the network traffic in the rule set.
![Page 6: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/6.jpg)
ADVANTGESADVANTGES
It eliminates the need for an attack to be previously known to be detected because malicious behavior is different from normal behavior by nature.
It generates its own rules depending on the real-time behavior of the packet.
Using a generalized behavioral model is theoretically more accurate, efficient and easier to maintain.
![Page 7: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/7.jpg)
• Processor : Intel Pentium III or above
• Memory : 128 MB or above
• Hard Disk Drive : 10 GB or above
Hardware RequirementsHardware Requirements
Software Requirements• OS Platform : Windows xp
• Software : JDK1.4.2 or later versions
![Page 8: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/8.jpg)
Architectural Design
![Page 9: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/9.jpg)
SOURCE
PASESR HOPCOUNT
IDS
CHROMOSOME CONVERT
GENETICRESTRICTED
USERS
ANOMOLOUSDATASET
NORMALDATASET
RULEGENERATION
DECISION
![Page 10: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/10.jpg)
ModulesModules
• Client’s Communication
• IDS implementation
• Chromosome Conversion
• Implementation of Genetic Algorithm
• Creating rules in Dataset
![Page 11: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/11.jpg)
Clients CommunicationClients Communication
This module is responsible for the client side communication system interface. It is used to communicate between the source and the destination. It receives the destination address, source address and the inflowing port no and binds them into a packet.
![Page 12: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/12.jpg)
IDS ImplementationIDS Implementation
This is the server side interface which is preset
in the server system and is solely under the control of the administrator. Any transaction in the network will be monitored by the Server.
It sends each and every Inflowing packets header information’s to the chromo convert module and then receives the converted real-time Chromosomes. If the particular chromosomes matches with the rules provided in the rule set, it takes the decision of whether allow or block depending on which rule set it matches.
![Page 13: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/13.jpg)
Chromosome ConversionChromosome Conversion
The collected attributes are converted into Chromosomes within the range and in the same behavior.
The process of a genetic algorithm usually begins with a randomly selected population of chromosomes. These chromosomes are representations of the problem to be solved.
. These positions are sometimes referred to as genes and are
changed randomly within a range during evolution.
The set of chromosomes during a stage of evolution are called a population.
![Page 14: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/14.jpg)
Genetic AlgorithmGenetic Algorithm
The Genetic Algorithm is implemented, for selecting the best rule for matching with the connection.
During evaluation, the selection of chromosomes for survival and combination is biased towards the fittest chromosomes.
The Genetic Algorithm has 3 operations
1. Selection 2. Recombination 3. Mutation
![Page 15: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/15.jpg)
Structure of GAStructure of GA
![Page 16: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/16.jpg)
Basic Steps of Genetic Algorithm
1.Randomly create a population of individuals.
2. Evaluate the population to see which individuals will contribute the next generation.
3. To alter the new generation of individuals once they have been paired off.
4. To discard the old population and perform step two on the new population.
![Page 17: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/17.jpg)
Source Destination
Sniffer ChromConvert
Chromosomes
GeneticAlgorithm Data Set
Decision taken byGenetic Algorithm
Router
PassingSystem
PassingSystem
PassingSystem
DATAFLOWDIAGRAM
Found Bad User Found Good User
SendsData
Hop Count
Finalize
Result
Check
ConvertedChromosomes
Real Time
Behavior
Monitors the connection
![Page 18: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/18.jpg)
Client IDSChromoConverter
Genetic Algorithm
Generate DataSet
DataSet
NewRules
Packet Chromosomes Input
Data
Check in DataSet
DATA FLOW
![Page 19: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/19.jpg)
DesignDesign
![Page 20: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/20.jpg)
UseCase Diagram
Passer
ChromoConverter
Hopcount
Destination
Genetic Algorithm
extends
include
source
Enters data
extendsextends
Anomal DataNormalData
![Page 21: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/21.jpg)
Usecase Diagram To Enter Usecase Diagram To Enter RulesRules
Anamoly
Normal
Restrict useradministrator
New entry
extends
extends
extends
gives information
![Page 22: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/22.jpg)
Activity DiagramActivity DiagramClientlogin
EntersHop count
Enters into Chromoconverter
Decision taken by GA
Checks in dataset
message sent
found an intruder
[ yes ]
[ no ]
![Page 23: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/23.jpg)
: SenderSystem Hopcount IDS Dataset
: Receiver
Check the availability of the user
Created rules are added in the dataset
Enter sys. addr., port no and msgcheck sys. addr., port no
Ask Inter Sys. no. and names
Enter Inter Sys no. and name
Check Sys. no. and name
Invalid System No. and name
New rules are created
Restricted User
Message Send
Sequence DiagramSequence Diagram
![Page 24: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/24.jpg)
Output ScreensOutput Screens
![Page 25: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/25.jpg)
New EntryNew Entry
![Page 26: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/26.jpg)
To Enter AnomalDataSetTo Enter AnomalDataSet
![Page 27: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/27.jpg)
![Page 28: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/28.jpg)
To Enter Normal datasetTo Enter Normal dataset
![Page 29: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/29.jpg)
![Page 30: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/30.jpg)
Connecting To ServerConnecting To Server
![Page 31: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/31.jpg)
![Page 32: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/32.jpg)
Enter the Data into the client windowEnter the Data into the client window
![Page 33: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/33.jpg)
Entering hopcountEntering hopcount
![Page 34: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/34.jpg)
Message is sent to destinationMessage is sent to destination
![Page 35: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/35.jpg)
![Page 36: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/36.jpg)
![Page 37: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/37.jpg)
![Page 38: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/38.jpg)
Enter the hopcountEnter the hopcount
![Page 39: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/39.jpg)
Found an intruderFound an intruder
![Page 40: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/40.jpg)
Server sideServer side
![Page 41: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/41.jpg)
Client sideClient side
![Page 42: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/42.jpg)
ConclusionConclusion• We discussed a methodology of applying genetic algorithm
into network intrusion detection.
• This implementation of genetic algorithm is more helpful for identification of network anomalous behaviors.
• Future work includes creating a standard test data set for the genetic algorithm proposed in this paper and applying it to a test environment.
• Detailed specification of parameters to consider for genetic algorithm should be determined during the experiments.
![Page 43: 3ppt](https://reader035.vdocuments.site/reader035/viewer/2022062513/55649f6dd8b42afd4f8b4f47/html5/thumbnails/43.jpg)
THANK YOUTHANK YOU