Intrusion Detection System based on Artificial Intelligence
Anitha A1*, Revathi SV2, Jeevanantham S2, Eliza Godwin E2
1Associate Professor, School of Information Technology and Engineering, VIT University, Vellore, India
2M S (Software Engineering), VIT University, Vellore, India.
*Corresponding Author E-mail: aanitha@vit.ac.in, revathi.sv2013@vit.ac.in, jeevanantham.s2013@vit.ac.in, elizagodwin.e2013@vit.ac.in
ABSTRACT:
The Internet plays a major role in today's environment, but many attacks take place over networks and can cause serious issues. An intrusion detection system (IDS) provides a way to prevent network anomalies and threats, and it plays a vital role in network security. Violations occurring over the network can be prevented by an intrusion detection system, which collects the detected activity using security information and event management (SIEM). Some IDSs have the ability to respond to detected intrusions; systems with response capabilities are typically referred to as intrusion prevention systems. Many techniques are used to design IDSs for specific scenarios and applications. Artificial intelligence techniques are the ones most often used for threat detection.
KEYWORDS: Intrusion detection, neural networks, knowledge base.
1. INTRODUCTION:
The word "intrusion" has its own significant meaning, which is nothing but an interruption to a system. These systems serve many purposes that are essential and useful. Because more security is needed to maintain systems over a longer period of time, security systems are required that can monitor the actual system for any anomalies that may disrupt it. Intrusion detection systems are used not only for monitoring threats but also for monitoring possible events with the help of sensors. They have been used in various fields of daily life, such as automatic house security systems, MNCs, security systems in shopping malls, public safety, etc. An intrusion detection system is application software that monitors a system for any threats that may harm the system [1]. The main feature that motivates users to adopt intrusion detection systems is that they maintain reports of each intrusion. Intrusion detection systems are the most widely used surveillance systems in today's world. It is not easy to build an intrusion detection system. Intrusion detection systems cannot be built using a single method; they are built by combining methodologies, algorithms, formulations, etc. Intrusion detection systems require more secure features to maintain the system in order to protect it from anomalies [2]. An intrusion may come manually from a person or through a network system. Many techniques from different domains have been implemented for intrusion detection. Nowadays, artificial intelligence plays an important role. This paper describes different artificial intelligence techniques used for detecting threats on wireless networks and their applications.
There are network-based (NIDS) and host-based (HIDS) intrusion detection systems. There are IDSs that detect by looking for specific signatures of known threats, similar to the way antivirus software typically detects and protects against malware, and there are IDSs that detect by comparing traffic patterns against a baseline and looking for anomalies [3]. There are IDSs that simply monitor and alert, and there are IDSs that perform an action or actions in response to a detected threat. We'll cover each of these briefly.
Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic, but doing so might create a bottleneck that would impair the overall speed of the network.
Host Intrusion Detection Systems run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator if suspicious activity is detected.
C. Signature Based:
A signature-based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware. The issue is that there will be a lag between a new threat being discovered in the wild and the signature for detecting that threat being applied to your IDS. During that lag time your IDS would be unable to detect the new threat.
D. Anomaly Based:
An anomaly-based IDS will monitor network traffic and compare it against an established baseline. The baseline identifies what is "normal" for that network (what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other) and alerts the administrator or user when traffic is detected that is anomalous, or significantly different, from the baseline.
E. Passive IDS:
A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected, an alert is generated and sent to the administrator or user, and it is up to them to take action to block the activity or respond in some way.
F. Reactive IDS:
A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user. One of the most well-known and widely used intrusion detection systems is the open source, freely available Snort. For other freeware intrusion detection applications you can visit Free Intrusion Detection Software.
Many techniques are used to detect intrusions, and AI plays a major role in detection. Artificial neural networks are the most widely used technique for intrusion detection systems. The artificial intelligence based techniques used in intrusion detection systems are:
A. Artificial neural networks:
An artificial neural network (ANN) is inspired by the human nervous system, which is connected through neurons. Neural networks have the capability to understand and learn by training and can be used to identify complex trends [4, 5]. There are two types of ANN architectures, that is, feedforward ANN and feedback ANN.
In a feedforward ANN, signals move in only one direction, from input to output. In a feedback ANN, signals move in both directions.
ANN concepts are helpful in many areas, such as pattern recognition and intrusion detection. ANN based intrusion detection can help eliminate the shortcomings of rule-based IDSs. However, ANN based IDSs can be more effective if properly trained with both normal and abnormal data sets.
Fig no 1. Architecture of artificial neuron
B. Genetic algorithm:
Genetic algorithms are used for solving many complex problems and give optimal solutions for many computer related problems. In IDSs, a genetic algorithm can be used for classification of security attacks and for generating specific rules for different security attacks [6]. In a genetic algorithm, the selection module derives the most suitable answer or solution for a specific problem. In the crossover module, different parameters are exchanged among different solutions in order to obtain new solutions. The mutation module changes one or two parameters to reach optimality in the genetic algorithm. A genetic algorithm based network IDS (GA-NIDS) is presented in [7]. The proposed system considers many parameters, such as protocol type, network services, and status of the connection, to generate rules. The detection mechanism is trained on a specific dataset, so that it can accurately detect and classify security attacks. In this mechanism, six rules are designed to detect six different types of denial of service (DoS) and probing attacks. The authors claim that the detection rate of DoS attacks is 100%.
A lightweight IDS with reduced complexity using a genetic algorithm for WSN deals with measurement of sensor node suitability and attributes to the perceived threat [8]. A local monitoring node is introduced that acts like a proxy agent for the sink and is capable of monitoring neighbors.
When a genetic algorithm is applied to an IDS, several issues must be taken into account. The first is the type of purpose the intrusion detection system serves, and the second is the element to which it will be applied.
Fig no 2. Genetic algorithm in IDS
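The selection, crossover and mutation modules described above can be seen working together in the following added example, which is not code from the paper or from GA-NIDS. It evolves one "IF protocol, service, flag THEN attack" rule over a handful of constructed KDD-style connections; the gene domains, the fitness function (true positives minus false positives) and all parameter values are assumptions made for illustration.

```python
import random

# Gene domains for the rule parameters the text names; "*" is a wildcard.
DOMAINS = [("tcp", "udp", "icmp", "*"),      # protocol type
           ("http", "smtp", "ecr_i", "*"),   # network service
           ("SF", "S0", "REJ", "*")]         # connection status flag
# Constructed KDD-style connections: (protocol, service, flag, is_attack).
TRAIN = [
    ("tcp", "http", "S0", True), ("tcp", "smtp", "S0", True),
    ("tcp", "http", "S0", True), ("tcp", "http", "SF", False),
    ("tcp", "smtp", "SF", False), ("udp", "ecr_i", "SF", False),
    ("icmp", "ecr_i", "SF", False), ("tcp", "http", "REJ", False),
]

def matches(rule, conn):
    """A rule matches when every gene is a wildcard or equals the field."""
    return all(g == "*" or g == v for g, v in zip(rule, conn))

def fitness(rule, data=TRAIN):
    """Assumed fitness: true positives minus false positives."""
    hits = [is_attack for *conn, is_attack in data if matches(rule, conn)]
    return sum(1 if a else -1 for a in hits)

def crossover(a, b, rng):
    """Swap the tail of one parent rule onto the head of another."""
    cut = rng.randint(1, len(a) - 1)
    return a[:cut] + b[cut:]

def mutate(rule, rng, rate=0.2):
    """Replace each gene with a random domain value with probability rate."""
    return tuple(rng.choice(DOMAINS[i]) if rng.random() < rate else g
                 for i, g in enumerate(rule))

def evolve(generations=40, size=20, seed=1):
    rng = random.Random(seed)
    pop = [("*", "*", "*")] + [tuple(rng.choice(d) for d in DOMAINS)
                               for _ in range(size - 1)]
    for _ in range(generations):
        pop.sort(key=fitness, reverse=True)
        parents = pop[: size // 2]               # selection (elitist)
        children = [mutate(crossover(rng.choice(parents),
                                     rng.choice(parents), rng), rng)
                    for _ in range(size - len(parents))]
        pop = parents + children
    return max(pop, key=fitness)

if __name__ == "__main__":
    best = evolve()
    print(best, fitness(best))
```

On this sample the highest possible fitness is 3, reached by rules that pin the flag to S0; a rule that matches every connection scores -2, which is why a detection rate measured only on attacks says little without the false-positive term.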
C. Fuzzy system:
Fuzzy based network intrusion detection systems have shown their ability to detect different kinds of intrusion in various application domains [9]. In general, network intrusion detection relies on expert knowledge of security, in particular its relationship with the computer system. Network intrusion detection systems mainly use the KDD Cup datasets for experimentation. This dataset is divided into training and testing datasets, which are used for detection of intrusion. The different steps involved in the network intrusion detection system are as follows [10]:
· Classification of training datasets
· Selection of suitable attributes
· Generation of fuzzy rule
· Fuzzy Decision model
Fig no 3. Fuzzy system in IDS
3.1 Feature Extraction:
The first purpose of the proposed system is feature extraction, and the second is grouping these features into four categories:
3.1.1 Basic features:
These comprise all the attributes that can be extracted from TCP/IP network connections. Basic features are the first six features given in the KDD Cup dataset.
3.1.2 Traffic features:
These consist of:
1. "Same host" features: same destination host for the connections.
2. "Same service" features: same service for the connections.
3.1.3 Content Features:
DoS and probing attacks involve many connections to a host in a short period of time. R2L and U2R attacks are embedded in the data of the network packets. To detect these kinds of attacks, the content features are used. Content features are things like the number of failed login attempts, etc.
3.2 Preprocessing:
In preprocessing, the extracted features are taken and converted into binary form. The information gain is determined for discrete features and continuous features. The preprocessor is responsible for accepting the extracted feature data and providing it as input for selecting suitable attributes. This preprocessor is used for reading data from the training datasets, which contain information as a value of each feature. Preprocessing is done by focusing on the selected feature attributes that contain and normal data.
3.3 Selection of suitable characteristics:
In this step, the most suitable attributes are selected for identifying whether the data is normal or attack. The input data contains 25 attributes; not all of these attributes are useful or effective for detecting intrusion. Hence, we need to select only those attributes that are suitable for detecting intrusion. Different techniques are used for selecting suitable attributes, such as the deviation method.
3.4 Generation of fuzzy rule:
A fuzzy system is used for obtaining fuzzy rules. If-then rules are effectively used in generating fuzzy rules in many application domains. These if-then rules are obtained from expert knowledge. Each rule is structured as follows:
If <condition> then <action>
All actions are usually determined from the condition by evaluating the current network connection and the rules in the IDS. The action field specifies which action is to be taken on which violation.
3.5 Fuzzy decision model:
The fuzzy decision model contains 41 inputs and 1 output. The inputs given to the fuzzy decision model correspond to the 41 attributes, whereas it produces only a single output, which indicates attack data or normal data. The fuzzy decision model is based on fuzzy logic.
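Steps 3.3 to 3.5 can be followed end to end in this added example, which is not code from the paper. It uses four constructed KDD-style features instead of 41; the deviation score used for attribute selection, the ramp-shaped membership function and the 0.5 threshold are assumptions, since the paper does not define them.

```python
from statistics import mean, pstdev

FEATURES = ["duration", "count", "serror_rate", "num_failed_logins"]
# Constructed KDD-style training records (not real KDD Cup data).
NORMAL = [[2.0, 3, 0.00, 0], [5.0, 5, 0.05, 0],
          [1.0, 2, 0.00, 1], [4.0, 4, 0.02, 0]]
ATTACK = [[0.0, 250, 0.95, 0], [0.0, 300, 1.00, 0],
          [3.0, 280, 0.90, 0], [1.0, 260, 0.98, 1]]

def column(rows, i):
    return [r[i] for r in rows]

def select_attributes(normal, attack, min_score=2.0):
    """3.3: keep attributes whose class means differ by at least
    min_score times the summed class deviations (assumed scoring)."""
    keep = []
    for i in range(len(FEATURES)):
        n, a = column(normal, i), column(attack, i)
        spread = pstdev(n) + pstdev(a) + 1e-9
        if abs(mean(a) - mean(n)) / spread >= min_score:
            keep.append(i)
    return keep

def make_rules(normal, attack, keep):
    """3.4: one rule per attribute, 'IF x is attack-like THEN attack',
    stored as (normal mean, attack mean)."""
    return {i: (mean(column(normal, i)), mean(column(attack, i)))
            for i in keep}

def membership(x, normal_mean, attack_mean):
    """Degree in [0, 1]: 0 at the normal mean, 1 at the attack mean.
    Selected attributes always have distinct means, so no zero division."""
    t = (x - normal_mean) / (attack_mean - normal_mean)
    return max(0.0, min(1.0, t))

def decide(record, rules, threshold=0.5):
    """3.5: average rule firing strength gives the single output."""
    degree = mean(membership(record[i], n, a)
                  for i, (n, a) in rules.items())
    return ("attack" if degree >= threshold else "normal"), round(degree, 2)

if __name__ == "__main__":
    keep = select_attributes(NORMAL, ATTACK)
    rules = make_rules(NORMAL, ATTACK, keep)
    print([FEATURES[i] for i in keep])
    print(decide([0.0, 270, 0.97, 0], rules))   # constructed flood-like record
    print(decide([3.0, 4, 0.01, 0], rules))     # constructed normal record
```

Here `duration` and `num_failed_logins` are dropped because their class means overlap, which mirrors the point in 3.3 that not every attribute helps separate normal from attack data.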
4. CONCLUSION:
We briefly presented the security objectives and the classification of IDSs based on processing components. Details of various artificial intelligence techniques applied in intrusion detection are presented. IDSs are capable of detecting intrusions and informing professionals in good time. There are many methodologies and techniques used to design IDSs, such as neural networks, genetic algorithms and fuzzy systems. An IDS can be developed in a short time period and low development using these techniques.
5. REFERENCES:
1. Alrajeh, Nabil Ali, and Jaime Lloret. "Intrusion detection systems based on artificial intelligence techniques in wireless sensor networks." International Journal of Distributed Sensor Networks (2013).
2. P. Srinivasu, P.S. Avadhani, V. Korimilli, P. Ravipati, "Approaches and Data Processing Techniques for Intrusion Detection Systems", Vol. 9, No. 12, 2009.
3. Alrajeh N., Khan S., Shams B. Intrusion detection systems in wireless sensor networks: a review. International Journal of Distributed Sensor Networks, 2013.
4. Alrajeh N., Khan S., Lloret J., Loo J. Artificial neural network based detection of energy exhaustion attacks in wireless sensor networks capable of energy harvesting. Journal of Ad Hoc and Sensor Wireless Networks, 2013.
5. Li Y. Y., Parker L. E. Intruder detection using a wireless sensor network with an intelligent mobile robot response. Proceedings of the IEEE Southeast Conference, April 2008.
6. Mukherjee P., Sen S. Using learned data patterns to detect malicious nodes in sensor networks. Distributed Computing and Networking, 2008. Berlin, Germany: Springer.
7. Marcos M. Campos, Boriana L. Milenova, "Creation and Deployment of Data Mining-Based Intrusion Detection Systems in Oracle Database 10g", in Proceedings of the Fourth International Conference on Machine Learning and Applications, 2005.
8. Goyal A., Kumar C. GA-NIDS: a genetic algorithm based network intrusion detection system. 2008.
9. D. Md. Farid, M. Z. Rahman, "Anomaly Network Intrusion Detection Based on Improved Self Adaptive Bayesian Algorithm", in Journal of Computers, Vol. 5, no. 1, January 2010.
10. Khanna R., Liu H., Chen H.-H. Reduced complexity intrusion detection in sensor networks using genetic algorithm. Proceedings of the IEEE International Conference on Communications (ICC '09), June 2009.
Received on 17.05.2017 Accepted on 28.06.2017 © EnggResearch.net All Right Reserved Int. J. Tech. 2017; 7(1): 20-24 DOI:10.5958/2231-3915.2017.00005.0