Browsing by Author "Abdul Hanan Abdullah"

Now showing 1 - 7 of 7
  • Default Image
    Item
    A novel method for unsupervised anomaly detection using unlabelled data
    (2008) Abdul Samad Bin Haji Ismail; Abdul Hanan Abdullah; Kamalrulnizam Bin Abu Bak; Md Asri Bin Ngadi; Dahliyusmanto Dahlan; Witcha Chimphlee; A. S. B. H. Ismail; Faculty of Science and Information Systems, Universiti Teknologi Malaysia, 81310 Skudai, Johor, Malaysia; email: abdsamad@utm.my
    Most current intrusion detection methods cannot process large amounts of audit data for real-time operation. In this paper, anomaly network intrusion detection method based on Principal Component Analysis (PCA) for data reduction and Fuzzy Adaptive Resonance Theory (Fuzzy ART) for classifier is presented. Moreover, PCA is applied to reduce the high dimensional data vectors and distance between a vector and its projection onto the subspace reduced is used for anomaly detection. Using a set of benchmark data from KDD (Knowledge Discovery and Data Mining) Competition designed by DARPA for demonstrate to detection intrusions. Experimental results show the proposed model can classify the network connections with satisfying performance. © 2008 IEEE.
  • Default Image
    Item
    Anomaly-based intrusion detection using fuzzy rough clustering
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Surat Srinoy; Siriporn Chimphlee; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Thailand; email: witcha_chi@dusit.ac.th
    It is an important issue for the security of network to detect new intrusion attack and also to increase the detection rates and reduce false positive rates in Intrusion Detection System (IDS). Anomaly intrusion detection focuses on modeling normal behaviors and identifying significant deviations, which could be novel attacks. The normal and the suspicious behavior in computer networks are hard to predict as the boundaries between them cannot be well defined. We apply the idea of the Fuzzy Rough C-means (FRCM) to clustering analysis. FRCM integrates the advantage of fuzzy set theory and rough set theory that the improved algorithm to network intrusion detection. The experimental results on dataset KDDCup99 show that our method outperforms the existing unsupervised intrusion detection methods © 2006 IEEE.
  • Default Image
    Item
    Integrating genetic algorithms and fuzzy c-means for anomaly detection
    (2005) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Moor Md Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    The goal of intrusion detection is to discover unauthorized use of computer systems. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. Traditional anomaly detection algorithms require a set of purely normal data from which they train their model. In this paper we propose an intrusion detection method that combines Fuzzy Clustering and Genetic Algorithms. Clustering-based intrusion detection algorithm which trains on unlabeled data in order to detect new intrusions. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Genetic Algorithms (GA) to the problem of selection of optimized feature subsets to reduce the error caused by using land-selected features. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate. We used data set from 1999 KDD intrusion detection contest. © 2005 IEEE.
  • Default Image
    Item
    Meta-scheduler in Grid environment with multiple objectives by using genetic algorithm
    (2006) Siriluck Lorpunmanee; Mohd Noor Md Sap; Abdul Hanan Abdullah; Surat Srinoy; S. Lorpunmanee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd., Malaysia; email: siriluck_lor@dusit.ac.th
    Grid computing is the principle in utilizing and sharing large-scale resources of heterogeneous computing systems to solve the complex scientific problem. Such flexible resource request could offer the opportunity to optimize several parameters, such as coordinated resource sharing among dynamic collections of individuals, institutions, and resources. However, the major opportunity is in optimal job scheduling, which Grid nodes need to allocate the resources for each job. This paper proposes and evaluates a new method for job scheduling in heterogeneous computing Systems. Its objectives are to minimize the average waiting time and make-span time. The minimization is proposed by using a multiple objective genetic algorithm (GA), because the job scheduling problem is NP-hard problem. Our model presents the strategies of allocating jobs to different nodes. In this preliminary tests we show how the solution founded may minimize the average waiting time and the make-span time in Grid environment. The benefits of the usage of multiple objective genetic algorithm is improving the performance of the scheduling is discussed. The simulation has been obtained using historical information to study the job scheduling in Grid environment. The experimental results have shown that the scheduling system using the multiple objective genetic algorithms can allocate jobs efficiently and effectively.
  • Default Image
    Item
    Optimalisation of a job scheduler in the grid environment by using fuzzy C-mean
    (2007) Siriluck Lorpunmanee; Mohd Noor Md Sap; Abdul Hanan Abdullah; S. Lorpunmanee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, Thailand; email: siriluck_lor@dusit.ac.th
    Grid computing is the principle in utilizing and sharing large-scale resources to solve complex scientific problems. Under this principle, Grid environment has problems in flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources. However, the major problems include optimal job scheduling, and which grid nodes allocate the resources for each job. This paper proposes the model for optimizing jobs scheduling in Grid environment. The model presents the results of the simulation of the Grid environment of jobs allocation to different nodes. We develop the results of job characteristics to three classifications depending on jobs run time in machines, which have been obtained using the optimization of jobs scheduling. The results prove the model by using Fuzzy c-mean clustering technique for predicting the characterization of jobs and optimization of jobs scheduling in Grid environment. This prediction and optimization engine will provide Jobs scheduling base upon historical information. This paper presents the need for such a prediction and optimization engine that discusses the approach for history-based prediction and optimization. Simulation runs demonstrate that our algorithm leads to better results than the traditional algorithms for scheduling policies used in Grid environment.
  • Default Image
    Item
    To detect misuse and anomaly attacks through rule induction analysis and fuzzy methods
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    To protect networks, intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. In this paper we propose an intrusion detection method that combines rule induction analysis for misuse detection and Fuzzy c-means for anomaly detection. Rule induction is used to generate patterns from data and finding a set of rules that satisfy some predefined criteria. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handle complex attack patterns in large networks. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.
  • Default Image
    Item
    To identify suspicious activity in anomaly detection based on soft computing
    (2006) Witcha Chimphlee; Mohd Noor Md Sap; Abdul Hanan Abdullah; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    The Traditional intrusion detection systems (IDS) look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely "attack signature", resulting in false alarms. In this paper we propose an intrusion detection method that proposes rough set based feature selection heuristics and using fuzzy c-means for clustering data. Rough set has to decrease the amount of data and get rid of redundancy. Fuzzy Clustering methods allow objects to belong to several clusters simultaneously, with different degrees of membership. Our approach allows us to recognize not only known attacks but also to increase accuracy detection rate for suspicious activity and signature detection. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.