Abstract
The confidentiality, integrity, and availability of military information are critical to a country's national security. The security of military information systems (MIS) and networks (MNET) is a subject of continuous research and design, because they manage, store, manipulate, and distribute that information. This study presents a bio-inspired hybrid artificial intelligence framework for cyber security (bioHAIFCS). The framework combines timely and bio-inspired machine learning methods suitable for protecting critical network applications, namely military information systems, applications, and networks. More specifically, it combines (a) the hybrid evolving spiking anomaly detection model (HESADM), which is used to prevent, promptly and accurately, cyber-attacks that cannot be avoided with passive security measures, namely firewalls; (b) the evolving computational intelligence system for malware detection (ECISMD), which spots and isolates malware located in packed executables that antivirus software cannot trace; and (c) the evolutionary prevention system from SQL injection (ePSSQLI) attacks, which forecasts attacks that use SQL injection methods early and intelligently.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Demertzis, K., Iliadis, L. (2015). A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security. In: Daras, N., Rassias, M. (eds) Computation, Cryptography, and Network Security. Springer, Cham. https://doi.org/10.1007/978-3-319-18275-9_7
DOI: https://doi.org/10.1007/978-3-319-18275-9_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18274-2
Online ISBN: 978-3-319-18275-9
eBook Packages: Mathematics and Statistics (R0)