
Advanced Signature-Based Intrusion Detection System

Intelligent Communication Technologies and Virtual Mobile Networks

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies (LNDECT, volume 131)

Abstract

Internet attacks have become more sophisticated over time and can now circumvent basic security measures such as antivirus scanners and firewalls. Identifying, detecting, and avoiding breaches is essential for network security in today's computing world. Adding an Intrusion Detection System (IDS) as an extra layer of defence in the network infrastructure is one way to improve network security. Existing IDSs use either anomaly-based or signature-based detection algorithms. A signature-based IDS detects attacks based on a set of signatures but cannot detect zero-day attacks. In contrast, an anomaly-based IDS analyses deviations in behaviour and can detect unexpected attacks. This study proposes the design and development of an Advanced Signature-Based Intrusion Detection System that improves performance by combining signature-based and anomaly-based approaches. It has three stages. In the first, a signature-based IDS checks for attacks against the signature ruleset using a Decision Tree, which achieved an accuracy of 96.96%. In the second, an anomaly-based IDS uses the deep learning technique ResNet50, a Convolutional Neural Network with 50 layers, which achieved an accuracy of 97.25%. The third stage combines the two: it classifies all network packets into regular and attack categories to detect both known and unknown attacks, and it generates signatures from the anomaly-based IDS. The combined system gives an intrusion detection accuracy of 98.98%. The findings show that the suggested intrusion detection system may efficiently detect real-world intrusions.
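A minimal sketch of the three-stage flow the abstract describes, added here as an illustration and not the authors' code: a range-match list stands in for the decision-tree ruleset and a z-score check stands in for the ResNet50 model. The feature names, thresholds, the ±20% signature band and the sample flows are all constructed assumptions.

```python
from statistics import mean, pstdev

FEATURES = ("pkts_per_s", "mean_payload")  # hypothetical flow features

class HybridIDS:
    def __init__(self, signatures, baseline, z_threshold=3.0):
        self.signatures = list(signatures)  # stage 1 ruleset
        self.z_threshold = z_threshold
        # Stage 2 profile: mean and std-dev of each feature in known-good traffic.
        self.profile = {}
        for f in FEATURES:
            values = [flow[f] for flow in baseline]
            self.profile[f] = (mean(values), pstdev(values) or 1.0)

    def _match(self, flow):
        for sig in self.signatures:
            if all(lo <= flow[f] <= hi for f, (lo, hi) in sig["ranges"].items()):
                return sig["name"]
        return None

    def _deviating(self, flow):
        return [f for f, (mu, sd) in self.profile.items()
                if abs(flow[f] - mu) / sd > self.z_threshold]

    def classify(self, flow):
        name = self._match(flow)  # stage 1: known attacks
        if name:
            return ("attack", "signature", name)
        odd = self._deviating(flow)  # stage 2: unknown attacks
        if not odd:
            return ("normal", None, None)
        # Stage 3: turn the anomaly into a signature (+/-20% band, same port).
        ranges = {f: (flow[f] * 0.8, flow[f] * 1.2) for f in odd}
        ranges["dst_port"] = (flow["dst_port"], flow["dst_port"])
        sig = {"name": f"auto-{len(self.signatures)}", "ranges": ranges}
        self.signatures.append(sig)
        return ("attack", "anomaly", sig["name"])

def demo():
    # Constructed sample data, not taken from the paper's dataset.
    baseline = [{"dst_port": 443, "pkts_per_s": p, "mean_payload": b}
                for p, b in [(20, 510), (24, 495), (18, 530), (22, 505), (21, 520)]]
    seed = [{"name": "flood", "ranges": {"pkts_per_s": (5000, float("inf"))}}]
    ids = HybridIDS(seed, baseline)
    flows = [{"dst_port": 80, "pkts_per_s": 9000, "mean_payload": 40},
             {"dst_port": 22, "pkts_per_s": 300, "mean_payload": 60},
             {"dst_port": 22, "pkts_per_s": 310, "mean_payload": 64},
             {"dst_port": 443, "pkts_per_s": 23, "mean_payload": 500}]
    return [ids.classify(f) for f in flows]
```

The third flow is caught by the signature generated from the second, which is the feedback loop of stage three. In a deployment, a false positive in stage two would also be promoted to a signature, so generated rules are normally reviewed before they join the ruleset.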



Author information


Corresponding author

Correspondence to Asma Shaikh.


Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Shaikh, A., Gupta, P. (2023). Advanced Signature-Based Intrusion Detection System. In: Rajakumar, G., Du, KL., Vuppalapati, C., Beligiannis, G.N. (eds) Intelligent Communication Technologies and Virtual Mobile Networks. Lecture Notes on Data Engineering and Communications Technologies, vol 131. Springer, Singapore. https://doi.org/10.1007/978-981-19-1844-5_24


  • DOI: https://doi.org/10.1007/978-981-19-1844-5_24


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-1843-8

  • Online ISBN: 978-981-19-1844-5

  • eBook Packages: Engineering, Engineering (R0)
