An Application of Membrane Computing to Anomaly-based Intrusion Detection System

Intruders are mischievous individuals who devise all possible methods to compromise the integrity, confidentiality and availability of the electronic information systems through intrusion. Intuitively, intrusion in an information system is an activity which deliberately violates the security policy of that system. Intrusion Detection System (IDS) therefore, is an attempt aimed at curtailing the excesses of the intruders. Based on their model of application, an IDS is either Misused-based or Anomaly-based. However, while trying to track down penetrations by intruders within a network, several irrelevant and redundant features which have consequential effects on the performance and computational resources, crop up. This has necessitated efforts from concerned people and corporate organizations to deploy means of reducing these negative impacts especially in the anomaly- based IDSs. Past research has shown that Bee Algorithm (BA) has presented the best features selection techniques for IDS. However, because of the fact that there is no perfect system anywhere, there is still room for improvement on it. Membrane computing, with its distributed parallel computing advantage has allowed the BA to be improved upon thereby bringing forth better solution. Therefore in this paper, we propose a new but robust algorithm called membrane algorithm for solving another NP complete optimization problem using the P-system paradigm. More importantly therefore, this paper presents preliminary results on proposed technique of using Membrane Computing (MC) to enhance the performance of a BA based feature selection of anomaly IDS. The data used for the experiments were randomly taken from Knowledge Discovery and Data mining KDD-Cup 99 dataset. Consequent upon the experiments, our approach produced high Attack Detection Rate (ADR) and significantly reduced False Alarm Rate (FAR).