Development of a Layered Conditional Random Field Based Network Intrusion Detection System
The rapid proliferation of network systems and mobile computing applications has changed the landscape of network security. The recent denial-of-service attacks on major Internet sites have shown that no open computer network is immune from intrusions. The inefficiency, inaccuracy and high false alarm rate of existing network security systems pose serious problems for network users, network administrators and security professionals, and need urgent redress. The traditional way of protecting network systems with firewalls and encryption software is no longer sufficient or effective, and there is an urgent need for new architectures and mechanisms to protect network systems and mobile computing applications. Therefore, the purpose of this study is to develop an efficient model of a network intrusion detection system, using a layered framework with conditional random fields, that is capable of overcoming the apparent shortcomings of present network intrusion detection systems. In this paper, the security system was developed using the structured system analysis and design methodology (SSADM). Furthermore, a simple, scalable, customizable and intelligent layered conditional random field based network intrusion detection system (LCRFNIDS) for detecting network-based attacks was successfully implemented. This system will play a key role in controlling intruders’ activities by detecting network-based attacks reliably and efficiently.
Specifically, in this system, an automated network monitoring system was implemented for monitoring packet broadcast from unauthorized internet protocol (IP) addresses, usual packet size, unauthorized packet transmission and packet broadcast to unauthorized IP addresses. In general, the developed system was tested and found to be very effective for detecting and alerting on intruders’ activities in network systems, in order to establish a secure network system that will enhance business continuity and preserve organizations’ vital and sensitive information. The result of this study will help to proactively address potential security vulnerabilities by detecting attacks and security policy violations reliably and efficiently in network systems.
Keywords: layered framework, conditional random fields, layered conditional random fields, network intrusion detection system, intrusion detection techniques, security vulnerabilities, intrusion detection system, network security system