Open Science Research Excellence

A Harb

Publications

8

Publications

8
1513
Selective Minterms Based Tabular Method for BDD Manipulations
Abstract:

The goal of this work is to describe a new algorithm for finding the optimal variable order, number of nodes for any order and other ROBDD parameters, based on a tabular method. The tabular method makes use of a pre-built backend database table that stores the ROBDD size for selected combinations of min-terms. The user uses the backend table and the proposed algorithm to find the necessary ROBDD parameters, such as best variable order, number of nodes etc. Experimental results on benchmarks are given for this technique.

Keywords:
Tabular Method, Binary Decision Diagram, BDD Manipulation, Boolean Function.
7
1750
Scaling up Detection Rates and Reducing False Positives in Intrusion Detection using NBTree
Abstract:
In this paper, we present a new learning algorithm for anomaly based network intrusion detection using improved self adaptive naïve Bayesian tree (NBTree), which induces a hybrid of decision tree and naïve Bayesian classifier. The proposed approach scales up the balance detections for different attack types and keeps the false positives at acceptable level in intrusion detection. In complex and dynamic large intrusion detection dataset, the detection accuracy of naïve Bayesian classifier does not scale up as well as decision tree. It has been successfully tested in other problem domains that naïve Bayesian tree improves the classification rates in large dataset. In naïve Bayesian tree nodes contain and split as regular decision-trees, but the leaves contain naïve Bayesian classifiers. The experimental results on KDD99 benchmark network intrusion detection dataset demonstrate that this new approach scales up the detection rates for different attack types and reduces false positives in network intrusion detection.
Keywords:
Detection rates, false positives, network intrusiondetection, naïve Bayesian tree.
6
5652
Attacks Classification in Adaptive Intrusion Detection using Decision Tree
Abstract:
Recently, information security has become a key issue in information technology as the number of computer security breaches are exposed to an increasing number of security threats. A variety of intrusion detection systems (IDS) have been employed for protecting computers and networks from malicious network-based or host-based attacks by using traditional statistical methods to new data mining approaches in last decades. However, today's commercially available intrusion detection systems are signature-based that are not capable of detecting unknown attacks. In this paper, we present a new learning algorithm for anomaly based network intrusion detection system using decision tree algorithm that distinguishes attacks from normal behaviors and identifies different types of intrusions. Experimental results on the KDD99 benchmark network intrusion detection dataset demonstrate that the proposed learning algorithm achieved 98% detection rate (DR) in comparison with other existing methods.
Keywords:
Detection rate, decision tree, intrusion detectionsystem, network security.
5
6093
Binary Decision Diagrams: An Improved Variable Ordering using Graph Representation of Boolean Functions
Abstract:

This paper presents an improved variable ordering method to obtain the minimum number of nodes in Reduced Ordered Binary Decision Diagrams (ROBDD). The proposed method uses the graph topology to find the best variable ordering. Therefore the input Boolean function is converted to a unidirectional graph. Three levels of graph parameters are used to increase the probability of having a good variable ordering. The initial level uses the total number of nodes (NN) in all the paths, the total number of paths (NP) and the maximum number of nodes among all paths (MNNAP). The second and third levels use two extra parameters: The shortest path among two variables (SP) and the sum of shortest path from one variable to all the other variables (SSP). A permutation of the graph parameters is performed at each level for each variable order and the number of nodes is recorded. Experimental results are promising; the proposed method is found to be more effective in finding the variable ordering for the majority of benchmark circuits.

Keywords:
Binary decision diagrams, graph representation, Boolean functions representation, variable ordering.
4
6516
Adaptive Network Intrusion Detection Learning: Attribute Selection and Classification
Abstract:
In this paper, a new learning approach for network intrusion detection using naïve Bayesian classifier and ID3 algorithm is presented, which identifies effective attributes from the training dataset, calculates the conditional probabilities for the best attribute values, and then correctly classifies all the examples of training and testing dataset. Most of the current intrusion detection datasets are dynamic, complex and contain large number of attributes. Some of the attributes may be redundant or contribute little for detection making. It has been successfully tested that significant attribute selection is important to design a real world intrusion detection systems (IDS). The purpose of this study is to identify effective attributes from the training dataset to build a classifier for network intrusion detection using data mining algorithms. The experimental results on KDD99 benchmark intrusion detection dataset demonstrate that this new approach achieves high classification rates and reduce false positives using limited computational resources.
Keywords:
Attributes selection, Conditional probabilities,information gain, network intrusion detection.
3
7598
Maximum Norm Analysis of a Nonmatching Grids Method for Nonlinear Elliptic Boundary Value Problem −Δu = f(u)
Authors:
Abstract:
We provide a maximum norm analysis of a finite element Schwarz alternating method for a nonlinear elliptic boundary value problem of the form -Δu = f(u), on two overlapping sub domains with non matching grids. We consider a domain which is the union of two overlapping sub domains where each sub domain has its own independently generated grid. The two meshes being mutually independent on the overlap region, a triangle belonging to one triangulation does not necessarily belong to the other one. Under a Lipschitz assumption on the nonlinearity, we establish, on each sub domain, an optimal L∞ error estimate between the discrete Schwarz sequence and the exact solution of the boundary value problem.
Keywords:
Error estimates, Finite elements, Nonlinear PDEs, Schwarz method.
2
10789
BDD Package Based on Boolean NOR Operation
Abstract:
Binary Decision Diagrams (BDDs) are useful data structures for symbolic Boolean manipulations. BDDs are used in many tasks in VLSI/CAD, such as equivalence checking, property checking, logic synthesis, and false paths. In this paper we describe a new approach for the realization of a BDD package. To perform manipulations of Boolean functions, the proposed approach does not depend on the recursive synthesis operation of the IF-Then-Else (ITE). Instead of using the ITE operation, the basic synthesis algorithm is done using Boolean NOR operation.
Keywords:
Binary Decision Diagram (BDD), ITE Operation, Boolean Function, NOR operation.
1
13376
Mining Network Data for Intrusion Detection through Naïve Bayesian with Clustering
Abstract:
Network security attacks are the violation of information security policy that received much attention to the computational intelligence society in the last decades. Data mining has become a very useful technique for detecting network intrusions by extracting useful knowledge from large number of network data or logs. Naïve Bayesian classifier is one of the most popular data mining algorithm for classification, which provides an optimal way to predict the class of an unknown example. It has been tested that one set of probability derived from data is not good enough to have good classification rate. In this paper, we proposed a new learning algorithm for mining network logs to detect network intrusions through naïve Bayesian classifier, which first clusters the network logs into several groups based on similarity of logs, and then calculates the prior and conditional probabilities for each group of logs. For classifying a new log, the algorithm checks in which cluster the log belongs and then use that cluster-s probability set to classify the new log. We tested the performance of our proposed algorithm by employing KDD99 benchmark network intrusion detection dataset, and the experimental results proved that it improves detection rates as well as reduces false positives for different types of network intrusions.
Keywords:
Clustering, detection rate, false positive, naïveBayesian classifier, network intrusion detection.