Browsing by Author "Surat Srinoy"

Now showing 1 - 20 of 22
  • Default Image
    Item
    An adaptive IDS model based on swarm intelligence and support vector machine
    (2006) Surat Srinoy; S. Srinoy; Faculty of Science and Technology, Suan Dusit Rajabhat University, Bangkok, Thailand; email: surat_sri@dusit.ac.th
    Intrusion detection system looks for unusual or suspicious activity, such as patterns of network traffics that are likely indicators of unauthorized activity. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large, human labeling is tedious, time-consuming, and expensive. In this paper we present support vector machine approach to data clustering. Support vector machine is used to initially create raw clusters and then these clusters are refined using Artificial Fuzzy Ants Clustering (AFAC). AFAC that has been developed as swarm intelligence techniques. The Algorithm uses ant colony optimization principle to find good partitions of the data. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose Artificial Fuzzy Ants Clustering (AFAC) in the second stage for refinement mean of overcoming these complexities are proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999). © 2006 IEEE.
  • Default Image
    Item
    An approach to solve computer attacks based on hybrid model
    (2006) Surat Srinoy; Witcha Chimphlee; Siriporn Chimphlee; Yoothapoom Poopaibool; S. Srinoy; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Ratchasima Road, Thailand; email: surat_sri@dusit.ac.th
    It is an important issue for the security of network to detect new intrusion attack. We introduce the idea of the Independent component analysis (ICA) based feature selection heuristics, and present Support Vector Machine (SVM) algorithm for data classification. ICA aims at extracting unknown hidden factors/components from multivariate data using only the assumption that unknown factors are mutually independent. The experimental results on dataset Knowledge Discovery and Data Mining (KDDCup99) show that our method outperforms the existing intrusion detection methods.
  • Default Image
    Item
    An improving fuzzy ant clustering using artificial immune recognition system
    (2006) Werasak Kurutach; Surat Srinoy; Witcha Chimphlee; Siriporn Chimphlee
    We present a swarm intelligence approach to data clustering. Ant based clustering is used to initially create raw clusters and then these clusters are refined using Artificial Immune Recognition System (AIRS). AIRS that has been developed as an immune-inspired supervise learning algorithm. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose artificial immune recognition systems (AIRS) in the second stage for refinement mean of overcoming these complexities are proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999) dataset.
  • Default Image
    Item
    An integrated fuzzy ants and artificial immune recognition system for anomaly detection
    (2006) Surat Srinoy; Werasak Kurutach; S. Srinoy; Department of Computer Science, Suan Dusit Rajabhat University, Bangkok, Thailand; email: surat_sri@dusit.ac.th
    A computer system intrusion is seen as any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource. The introduction to networks and the internet caused great concern about the protection of sensitive information and have resulted in many computer security research efforts during the past few years. This paper highlights a novel approach for detecting intrusion based on bio-inspired algorithm. The intrusion detection model combines the fuzzy ants clustering algorithm and artificial immune recognition algorithm to maximize detection accuracy and minimize computational complexity. The implemented system has been tested on the training data set from DARPA DATA SET by MIT Lincoln Laboratory on intrusion. The applicability of the proposed method and the enhanced security it provides are discussed. © 2006 ICASE.
  • Default Image
    Item
    Anomaly detection based on GA&FART approach of computer network security
    (2012) Preecha Somwang; Woraphon Lilakiatsakun; Surat Srinoy; P. Somwang; Faculty of Information Science and Technology, Mahanakorn University of Technology, Bangkok, Cheumsampan Road, Thailand; email: preechak@nmc.ac.th
    The problems of intrusion detection in a computer network security are difficulty of having a protective line in the information security against attackers. Researchers have developed Intrusion Detection System (IDS) which is capable of detecting attacks in several available environments. This paper aims to provide the intrusion detection technique into the system by using integrates like the Genetic Algorithm (GA) with the Fuzzy Adaptive Resonance Theory (FART). The GA is applied to randomly select the best attribution and reduction to the featured space. The FART is used to classify different group of data: Normal and Anomalous. The results show that this proposed technique can improve the performance of anomalous detection, showing the high performance of the detection rate and minimizing the false alarm rate. The approach was evaluated on the benchmark data from KDDCup'99 data set.
  • Default Image
    Item
    Anomaly detection model based on bio-inspired algorithm and independent component analysis
    (Institute of Electrical and Electronics Engineers Inc., 2006) Surat Srinoy; Werasak Kurutach; S. Srinoy; Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Ratchasima Road, Thailand; email: surat_sri@dusit.ac.th
    With the advent and explosive growth of the global Internet and electronic commerce environments, adaptive/automatic network/service intrusion and anomaly detection in wide area data networks and e-commerce infrastructures is fast gaining critical research and practical importance. In this paper we present independent component analysis (ICA) based feature selection heuristics approach to data clustering. Independent Component Analysis is used to initially create raw clusters and then these clusters are refined using parallel Artificial Immune Recognition System(AIRS). AIRS that has been developed as an immune system techniques. The Algorithm uses artificial immune system(AIS) principle to find good partitions of the data. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose parallel Artificial Immune Recognition System (AIRS)) in the second stage for refinement mean of overcoming these complexities are proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999). © 2006 IEEE.
  • Default Image
    Item
    Anomaly intrusion detection systems based on evolutionary computing
    (2007) Surat Srinoy; Siriporn Chimphlee; Witcha Chimphlee
    As malicious intrusions are a growing problem, we need a solution to detect the intrusions accurately. Network administrators are continuously looking for new ways to protect their resources from harm, both internally and externally. Intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. The objective of this paper is to describe a fuzzy c-means and genetic algorithms and discuss its usage to detect intrusion in a computer network. We are using a Genetic Algorithms (GA) to select a subset of input features for clustering with a goal of increasing the detection rate and decreasing the false alarm rate in network intrusion detection. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Experiments were performed with DARPA data sets, which have information on computer networks, during normal behavior and intrusive behavior.
  • Default Image
    Item
    Anomaly-based intrusion detection using fuzzy rough clustering
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Surat Srinoy; Siriporn Chimphlee; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Thailand; email: witcha_chi@dusit.ac.th
    It is an important issue for the security of network to detect new intrusion attack and also to increase the detection rates and reduce false positive rates in Intrusion Detection System (IDS). Anomaly intrusion detection focuses on modeling normal behaviors and identifying significant deviations, which could be novel attacks. The normal and the suspicious behavior in computer networks are hard to predict as the boundaries between them cannot be well defined. We apply the idea of the Fuzzy Rough C-means (FRCM) to clustering analysis. FRCM integrates the advantage of fuzzy set theory and rough set theory that the improved algorithm to network intrusion detection. The experimental results on dataset KDDCup99 show that our method outperforms the existing unsupervised intrusion detection methods © 2006 IEEE.
  • Default Image
    Item
    Combination artificial ant clustering and K-PSO clustering approach to network security model
    (2006) Surat Srinoy; Werasak Kurutach; S. Srinoy; Department of Computer Science, Suan Dusit Rajabhat University, Thailand; email: surat_sri@dusit.ac.th
    A Computer system now operate in an environment of near ubiquitous connectivity, whether tethered to an Ethernet cable or connected via wireless technology. While the availability of always on communication has created countless new opportunities for web based businesses, information sharing, and coordination, it has also created new opportunities for those that seek to illegally disrupt, subvert, or attack these activities. We present natural based data mining algorithm approach to data clustering. Artificial ant clustering algorithm is used to initially create raw clusters and then these clusters are refined using k-mean particle swarm optimization (KPSO). KPSO that has been developed as evolutionary-based clustering technique. The algorithm uses hybridization the k-means algorithm and PSO principle to find good partitions of the data. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose k-means particle swarm optimization clustering algorithm in the second stage for refinement mean of overcoming these complexities is proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999. © 2006 IEEE.
  • Default Image
    Item
    Independent component analysis and rough fuzzy based approach to web usage mining
    (2006) Siriporn Chimphlee; Naomie Salim; Mohd Salim Bin Ngadiman; Witcha Chimphlee; Surat Srinoy; S. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd, Thailand; email: siripom.chi@dusit.ac.th
    Web Usage Mining is that area of Web Mining which deals with the extraction of interesting knowledge from logging information produced by Web servers. A challenge in web classification is how to deal with the high dimensionality of the feature space. In this paper we present Independent Component Analysis (ICA) for feature selection and using Rough Fuzzy for clustering web user sessions. It aims at discovery of trends and regularities in web users' access patterns. ICA is a very general-purpose statistical technique in which observed random data are linearly transformed into components that are maximally independent from each other, and simultaneously have "interesting" distributions. Our experiments indicate can improve the predictive performance when the original feature set for representing web log is large and can handling the different groups of uncertainties/impreciseness accuracy.
  • Default Image
    Item
    Integrated soft computing for intrusion detection on computer network security
    (2011) Sirikanjana Pilabutr; Preecha Somwang; Surat Srinoy; S. Pilabutr; Faculty of Information Sciences, Nakhon Ratchasima College, Nakhon Ratchasima, Thailand; email: sirikanjana@nmc.ac.th
    Computer network security is very important for all business sectors. The Intrusion Detection Systems (IDS) is one technique that prevents an information system from a computer networks attacker. The IDS is able to detect behavior of new attacker which is indicated both correct Detection Rate and False Alarm Rate. This paper presents the new intrusion detection technique that applied hybrid of unsupervised/supervised learning scheme. To combine between the Independent Component Analysis (ICA) and the Support Vector Machine (SVM) are the advantage of these new IDS. The benefit of the ICA is to separate these independent components from the monitored variables. And the SVM is able to classify a different groups of data such as normal or anomalous. As a result, the new IDS are able to improve the performance of anomaly intrusion detection and intrusion detection. © 2011 IEEE.
  • Default Image
    Item
    Integrating genetic algorithms and fuzzy c-means for anomaly detection
    (2005) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Moor Md Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    The goal of intrusion detection is to discover unauthorized use of computer systems. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. Traditional anomaly detection algorithms require a set of purely normal data from which they train their model. In this paper we propose an intrusion detection method that combines Fuzzy Clustering and Genetic Algorithms. Clustering-based intrusion detection algorithm which trains on unlabeled data in order to detect new intrusions. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Genetic Algorithms (GA) to the problem of selection of optimized feature subsets to reduce the error caused by using land-selected features. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate. We used data set from 1999 KDD intrusion detection contest. © 2005 IEEE.
  • Default Image
    Item
    Integration Soft Computing Approach to Network Security
    (Institute of Electrical and Electronics Engineers Inc., 2007) Surat Srinoy; S. Srinoy; Computer Science Department, Suan Dusit Rajabhat University, Bangkok, 295 Ratchasima Rd, Thailand; email: surat_sri@dusit.ac.th
    Computer security is defined as the protection of computing system against threats to confidentiality, integrity, and availability. Due to increasing incidents of cyber attacks, building effective intrusion detection systems are essential for protecting information systems security. It is an important issue for the security of network to detect new intrusion attack and also to increase the detection rates and reduce false positive rates in this area. Lacking a distinctive boundary definition among normal and abnormal datasets, discriminating the normal and abnormal behaviors seems too much complex. This paper proposes an integrating support vector machine and rough set for recognizing intrusion detection in computer network. Empirical results clearly show that support vector machine and rough set approach could play a major role for intrusion detection systems. © 2007 IEEE.
  • Default Image
    Item
    Intelligence system approach for computer network security
    (2007) Surat Srinoy; S. Srinoy; Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Ratchasima Rd, Thailand; email: surat_sri@dusit.ac.th
    Growing number of intrusions into networked computers has raised concerns about computer security. Intrusion Detection Systems are important security tools, placing inside a protected network and looking for known or potential threats in network traffic and/or audit data recorded by hosts. In this paper particle swarm optimization (PSO) is used to implement a feature selection, and support vector machine (SVMs) with the one-versus-rest method serve as a fitness function of PSO for classification problems from the literature. Experimental result shows that our method allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. Our method simplifies features effectively and obtains a higher classification accuracy compared to other methods.
  • Default Image
    Item
    Internetworking security model based on intelligent system
    (2007) Surat Srinoy; Witcha Chimphlee; S. Srinoy; Department of Computer Science, Suan Dusit Rajabhat University, Bangkok, Thailand; email: surat_sri@dusit.ac.th
    Security of computers and the networks that connect them is increasingly becoming of great significance. Computer security is defined as the protection of computing systems against threats to confidentiality, integrity, and availability. In this paper we present the architecture of our system that combines anomaly and misuse intrusion detection in a hybrid system that tries to take benefit of the best practices of both misuse and anomaly detection approaches. Experimental result shows that our method allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. Our method simplifies features effectively and obtains a higher classification accuracy compared to other methods. ©2007 IEEE.
  • Default Image
    Item
    Intrusion detection model based on particle swarm optimization and support vector machine
    (2007) Surat Srinoy; S. Srinoy; Faculty of Science and Technology, Suan Dusit Rajabhat University, Bangkok, 10300, Thailand; email: surat_sri@dusit.ac.th
    Advance in information and communication technologies, force us to keep most of the information electronically, consequently, the security of information has become a fundamental issue. The traditional intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely "attack signature", resulting in false alarms. One main drawback is the inability of detecting new attacks which do not have known signatures. In this paper particle swarm optimization (PSO) is used to implement a feature selection, and support vector machine (SVMs) with the one-versus-rest method serve as a fitness function of PSO for classification problems from the literature. Experimental result shows that our method allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. Our method simplifies features effectively and obtains a higher classification accuracy compared to other methods. © 2007 IEEE.
  • Default Image
    Item
    Intrusion detection via independent component analysis based on rough fuzzy
    (2006) Surat Srinoy; Werasak Kurutach; Witcha Chimphlee; Siriporn Chimphlee; Santi Sounsri; S. Srinoy; Department of Computer Engineering, Mahanakorn University of Technology, Nongchok, Bangkok, 51 Chuemsumphun Road, Thailand; email: surat_sri@dusit.ac.th
    Independent component analysis (ICA) aims at extracting unknown hidden factors/components from multivariate data using only the assumption that unknown factors are mutually independent. In this paper we discuss an intrusion detection method that proposes independent component analysis based feature selection heuristics and using rough fuzzy for clustering data. Rough set has to decrease the amount of data and get rid of redundancy and Fuzzy methods allow objects to belong to several clusters simultaneously, with different degrees of membership. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999) dataset.
  • Default Image
    Item
    Meta-scheduler in Grid environment with multiple objectives by using genetic algorithm
    (2006) Siriluck Lorpunmanee; Mohd Noor Md Sap; Abdul Hanan Abdullah; Surat Srinoy; S. Lorpunmanee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd., Malaysia; email: siriluck_lor@dusit.ac.th
    Grid computing is the principle in utilizing and sharing large-scale resources of heterogeneous computing systems to solve the complex scientific problem. Such flexible resource request could offer the opportunity to optimize several parameters, such as coordinated resource sharing among dynamic collections of individuals, institutions, and resources. However, the major opportunity is in optimal job scheduling, which Grid nodes need to allocate the resources for each job. This paper proposes and evaluates a new method for job scheduling in heterogeneous computing Systems. Its objectives are to minimize the average waiting time and make-span time. The minimization is proposed by using a multiple objective genetic algorithm (GA), because the job scheduling problem is NP-hard problem. Our model presents the strategies of allocating jobs to different nodes. In this preliminary tests we show how the solution founded may minimize the average waiting time and the make-span time in Grid environment. The benefits of the usage of multiple objective genetic algorithm is improving the performance of the scheduling is discussed. The simulation has been obtained using historical information to study the job scheduling in Grid environment. The experimental results have shown that the scheduling system using the multiple objective genetic algorithms can allocate jobs efficiently and effectively.
  • Default Image
    Item
    Rough fuzzy approach for web usage mining
    (2006) Siriporn Chimphlee; Naomie Salim; Mohd Salihin Bin Ngadiman; Witcha Chimphlee; Surat Srinoy; S. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd, Thailand; email: siriporn_chi@dusit.ac.th
    Web usage mining is a new subfield of data mining research. It aims at discovery of trends and regularities in web users' access patterns. In the past few years, web usage mining techniques have grown rapidly together with the explosive growth of the web, both in the research and commercial areas. A challenge in web classification is how to deal with the high dimensionality of the feature space. This paper applies the concept of rough fuzzy approach for classification in web usage mining tasks after we present Independent Component Analysis (ICA) for feature. Clustering is an important part of web mining that involves finding natural groupings of web resources or web users.
  • Default Image
    Item
    To detect misuse and anomaly attacks through rule induction analysis and fuzzy methods
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    To protect networks, intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. In this paper we propose an intrusion detection method that combines rule induction analysis for misuse detection and Fuzzy c-means for anomaly detection. Rule induction is used to generate patterns from data and finding a set of rules that satisfy some predefined criteria. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handle complex attack patterns in large networks. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.