Four Char DNA Encoding for Anomaly Intrusion Detection System

Recent research has shown that a Deoxyribonucleic Acid (DNA) has ability to be used to discover diseases in human body as its function can be used for an intrusion-detection system (IDS) to detect attacks against computer system and networks traffics. Three main factor influenced the accuracy of IDS based on DNA sequence, which is DNA encoding method, STR keys and classification method to classify the correctness of proposed method. The pioneer idea on attempt a DNA sequence for intrusion detection system is using a normal signature sequence with alignment threshold value, later used DNA encoding based cryptography, however the detection rate result is very low. Since the network traffic consists of 41 attributes, therefore we proposed the most possible less character number (same DNA length) which is four-character DNA encoding that represented all 41 attributes known as DEM4all. The experiments conducted using standard data KDDCup 99 and NSL-KDD. Teiresias algorithm is used to extract Short Tandem Repeat (STR), which includes both keys and their positions in the network traffic, while Brute-force algorithm is used as a classification process to determine whether the network traffic is attack or normal. Experiment run 30 times for each DNA encoding method. The experiment result shows that proposed method has performed better accuracy (15% improved) compare with previous and state of the art DNA algorithms. With such results it can be concluded that the proposed DEM4all DNA encoding method is a good method that can used for IDS. More complex encoding can be proposed that able reducing less number of DNA sequence can possible produce more detection accuracy.