Karnavati Journal of Multidisciplinary Studies

Volume-1, Issue-2 (July-December 2023)

https://journal.karnavatiuniversity.edu.in (e-ISSN No: 2583-9187)

APPLICATION OF ARTIFICIAL INTELLIGENCE METHODS TO

THE PREVENTION OF CYBERCRIME

Narendra Singh Kushwaha1

Supervisor: Dr Pranay Prakash2

1
Research Scholar, Karnavati University, Gandhinagar

2
Assistant Professor, Unitedworld School of Law, Karnavati University

Email:202303003@karnavatiuniversity.edu.in, pranay@karnavatiuniversity.edu.in

ABSTRACT

Information technology (IT) advances have led to an increase in the amount of cybercrimes
that criminals are committing through the usage of cyberspace. Cyber infrastructures are very
susceptible to hacking and attacks. For the purpose of monitoring and safeguarding these
facilities, human interaction and physical tools are inadequate. We need more advanced cyber
protection systems that are resilient, adaptable, and long-lasting. Artificial intelligence
computing techniques are becoming more and more significant in cyberdetection and
prevention of crime. In order to combat cybercrimes, this paper will examine the state of the
art in this area, suggest future directions for research, and demonstrate how these techniques
could be helpful in identifying and averting cyberattacks.

KEYWORDS: Artificial intelligence, detecting and preventing intrusions system, intelligent

cyber defence techniques, and cybercrime.

1|Page
 INTRODUCTION

Since information technology (IT) has advanced, criminals are utilising cyberspace to carry out
a growing number of cybercrimes. Important concerns regarding privacy and information
security are brought up by the growing trends in complicated distributed and Internet
computing. Cyber infrastructures are incredibly vulnerable to attacks and hacking. More
advanced IT that can detect abnormal behaviors and imitate typical ones is required for the
monitoring and defence of these infrastructures, as physical tools like sensors and detectors are
insufficient. These cyber defence systems must be strong, versatile, and adaptive in order to
identify a wide range of threats and make wise judgements in real time [1, 2]. Human connection
is just insufficient for a timely analysis of the attack and an appropriate reaction due to the
volume and velocity of cyberattacks. Computer-generated forces must be able to manage the
entire assault response process, including quickly and effectively identifying targets,
determining the nature of the attack, and determining the best course of action. They also need
to know how to prioritise and stop follow-up attacks [3].

Moreover, cyberattacks are global in nature. They are an international threat that is becoming
more and more dangerous for all computer systems worldwide.Previously, only highly
educated experts could commit cybercrimes, but as the Internet has grown, almost anybody can
now obtain the knowledge and tools required to commit these crimes. The hard-wired logic
used by traditional fixed algorithms to make decisions is no longer sufficient to defend against
dynamic cyberattacks.Because of this, we need innovative approaches to combat cybercrimes,
such applying Artificial Intelligence (AI) technologies, which give software flexibility and
learning capabilities. (4),(5)

AI offers all of these choices in addition to many more.It has been demonstrated that the
application of artificial intelligence (AI) computer techniques, such as fuzzy logic, heuristics,
machine learning, neural networks, intelligent agents, artificial immune systems, and
computational intelligence, significantly aids in the detection and prevention of
cybercrime.Artificial intelligence (AI) can be used to create autonomous computing systems
that can self-manage, self-tune, self-configure, self-diagnose, and self-heal in accordance with
the requirements of their specific use cases. AI techniques appear to be a particularly promising
field of research for information security in the future, since they aim to improve cyberspace
security measures [2, 6, 7].

2|Page
The objectives of this study are to demonstrate how these tactics could be useful in detecting
and preventing cyberattacks, to highlight the improvements made in the application of AI
approaches to combat cybercrimes, and to lay out the framework for future research.

Cyber Crimes: Explanation and Issues

Our quality of life has greatly improved and many new conveniences have been added thanks
to the quick development of internet and computer technology.However, it also raised
challenging issues, such as the emergence of novel forms of criminal activity. For instance,
due of information technology, common crimes like theft and fraud have given rise to new
categories of crimes called "Cyber Crimes".Additionally, when this technology advances,
criminal situations also change. Since technology makes it simple for thieves to carry out their
schemes, we are dealing with an increasing quantity and diversity of cybercrimes every day.
Information technology also makes it easier to monitor, identify, stop, or apprehend
cybercriminals by eliminating national borders and facilitating the globalisation of these crimes
[8, 9, 10]
.

Criminals are using information technology more and more, both as a tool and as a target. The
use of electronics and other high-tech equipment by criminals makes crimes simple and
inexpensive. All information systems created for the good of humanity, including phones,
computers, and the Internet, are vulnerable to criminal activities.Information technology
system crimes frequently target computers, servers, websites, email accounts, bank accounts,
personal information, and digital records of both public and private institutions. These offenses
are also known as "computer crimes," "Internet crimes," "crimes of information technologies,"
"digital crimes," and "network crimes." Even though the term "cybercrime" is now widely
used, its exact definition is unclear.

The majority of definitions in use today were created through experimentation. "Any crime
that is facilitated or committed using a computer, network, or hardware device" is what Gordon
and Ford (2006) define as cybercrime. A computer or device "may be the agent of the crime,
[12]
the facilitator of the crime, or the target of the crime." Reference . "Criminal activity or a
crime that involves the Internet, a computer system, or computer technology" is how
Dictionary.com defines cybercrime [13]. Cybercrime is "crime that occurs when computers or

3|Page
computer networks are involved as tools, locations, or targets of crime," according to Fisher
and Lab (2010) [14].

People are utilizing computers and the Internet for socializing, working, sharing, buying, and
other activities, which is causing an exponential increase in the volume of digital data that is
recorded on a daily basis. The boundaries of language and country have disappeared, and there
is now more traffic in the virtual world than ever before. Since the idea of crime is there
whenever one deals with people, cyberspace has also become associated with the idea of crime
and criminals [11]. According to Brenner (2010), the majority of cybercrimes that occur
nowadays are merely the result of real-world crimes moving online, where they are used as a
weapon by criminals to carry out traditional crimes in novel ways. [15]

Artificial Intelligence and Detection of Intrusion

At Dartmouth College's Summer Research Project, the field of artificial intelligence (AI),
originally known as machine intelligence, was founded in July 1956. Artificial intelligence
(AI) can be defined as (i) a science that aims to build intelligent computers and comprehend
the nature of intelligence, or (ii) a science that finds intelligent solutions to complex problems.

(such choosing the right course of action after analyzing a lot of data).

When it comes to leveraging AI for cyber defense, we are more intrigued by the second idea.

Making machines (computers) mimic intelligent human behaviour, such as thinking, learning,
reasoning, planning, etc., is a topic of research interest in artificial intelligence (AI) [5, 7, 16].

The more general problem of duplicating intelligence has been subdivided into more
manageable, targeted problems, each with specific traits or capabilities that a sophisticated
system ought to possess. The qualities that have drawn the greatest attention are as follows [17,
18, 19]
:

a) Deduction, reasoning, and problem solving (including embodied agents, neural networks,
and statistical approaches to artificial intelligence);

b) Knowledge representation (ontologies);

c) Planning (multi-agent planning and cooperation);

4|Page
d) Learning (machine learning);

e) Natural Language Processing (information retrieval – text mining, machine translation);

f) Motion and Manipulation (navigation, localization, mapping, motion planning);

g) Perception (speech recognition, facial recognition, object recognition);

h) Social Intelligence (empathy simulation); i) Creativity (artificial intuition, artificial

imagination); and j) General Intelligence (Strong AI).

In distributed resolution problems, the process of solving the problem depends on agent
cooperation and information exchange. These notions gave rise to the idea of intelligent multi-
agent technology. A self-contained cognitive being that is conscious of its environment is
called an agent. It possesses an internal decision-making process that collaborates with other
agents and can operate autonomously. A collection of mobile autonomous agents collaborates
intelligently and pro-actively to solve a particular problem or class of problems in multi-agent
systems. They are able to make decisions, interact with other agents, and comprehend their
environment to some extent. Although multi-agent technology has various uses, this study will
solely look at its use in cyber intrusion security.

Computational intelligence (CI) is a considerably larger topic of artificial intelligence, of which

intelligent agent systems are only one facet. Other nature-inspired CI techniques include neural
networks, artificial immune systems, fuzzy logic, swarm intelligence, and evolutionary
computation.These tactics offer flexible instruments for making decisions in changing
circumstances, including cyber-security applications. The term "nature-inspired" refers to the
increasing interest in computing technologies that imitate biological systems (like the
immunological system seen in humans) and their extraordinary capacity forinformation
processing, recognition, categorization, learning, and memorizing. AISs, or artificial immune
systems, are one type of this technology.

Inspired by biological immunity systems that can continuously and dynamically learn in
changing surroundings, artificial intelligence systems, or AISs, are computational models. The
immune system is in charge of identifying and eliminating invaders in living things. In
applications for computer security in general and intrusion detection systems (IDSs) in
particular, artificial intelligence systems (AISs) are made to resemble natural immune systems
[20]
.

5|Page
Based on the idea of evolutionary computation, genetic algorithms are machine learning
techniques that mimic the course of natural selection. They are another example of artificial
intelligence (AI) technology. They offer optimum, flexible, and resilient solutions, even for
intricate computational issues. They can be employed to create rules for the categorization of
security assaults and to create customised rules for various security attacks within intrusion
detection systems [21, 22].

Despite the development of numerous techniques (as safe protocols, firewalls, antivirus
programs, and encryption.) for data security across networks and the Internet, hackers are
continually coming up with new ways to breach network systems.

An intrusion detection and prevention system (IDPS) is a hardware or software device that is
installed inside the network and has the ability to both detect and attempt to prevent possible
intrusions (see Fig. 1). IDPSs offer four essential security features:

keeping an eye out for, identifying, evaluating, and reacting to unauthorised activity [23, 24].

6|Page
7|Page
When artificial neurons are paired together, they may learn and solve problems, forming
Artificial Neural Networks (ANNs). When solving problems involving conditionality,
imprecision, and ambiguity all at once, neural networks come in handy. These networks are
capable of self-organization, learning, interpretation of dispersed data, and adaptation.
Neural networks with a huge number of artificial neurons have the capacity to learn in
massively parallel and make decisions quickly, which makes them ideal for learning patterns,
classifying information, and choosing attack responses [5, 7].

Desired IDPS Characteristics

To effectively defend against major threats, an IDPS needs to include a few specific features.
Among these traits are the following [25]:

Real-time intrusion detection—detecting intrusions either during or right after an attack—

minimize false positive alarms, minimise human supervision, and ensure continuous operation.
Recoverability from system crashes—whether caused by attacks or inadvertent—the capacity
to detect efforts by adversaries to modify the system through self-monitoring. adherence to the
security policies of the system under observation.

AI Applications in Cyber Crime Defense

Scholarly resources that are currently available demonstrate the wide range of uses of AI
approaches in the fight against cybercrimes. Neural networks, for example, are being used in
intrusion detection and prevention, but they are also proposed to be used in malware
categorization, forensic investigations, computer worm detection, spam detection, zombie
detection, Denial of Service (DoS) detection, and spam detection [5]. Modern anti-virus
software has also incorporated AI techniques as AISs, Heuristics, Data Mining, and Neural
Networks [7].

Intelligent agent technology is used by many IDSs, occasionally even in tandem with mobile
agent technology. To find questionable cyber activity, mobile intelligent agents can move
between collection stations [2].

8|Page
According to Wang et al. (2008), heuristic technology—defined as "the knowledge and skills
that use some methods to determine and intelligently analyse codes to detect the unknown virus
by some rules while scanning"—will play a major role in anti-virus detection in the future [7].
This section will provide a quick overview of pertinent studies in addition to a few current uses
of artificial intelligence methods for cyber defense.

Applications of Artificial Neural Networks

An artificial neural network (ANN) is a computer process that mimics the functional and
structural traits of neural networks seen in biological nervous systems. They work well in
scenarios requiring control, categorization, or prediction in dynamic, intricate computer
settings [26].

Chen (2008) developed NeuroNet, a neural network system that gathers and analyzes dispersed
data, synchronizes critical network device functions, searches for anomalies, generates alarms,
and starts remedial action. NeuroNet is effective against distributed DoS attacks that target
low-rate TCP, according to experiments [27].

Linda et al. (2009) gave the initial presentation of the Neural Network-based Intrusion
Detection System.

modelling (IDS-NNM), which has demonstrated the ability to identify every attempt at
intrusion in network communication while preventing false alarms [28].

For improved intrusion detection in networks, Barika et al. (2009) provided a thorough
architecture of a distributed IDS based on an artificial neural network [29].

Itikhar et al. (2009) employed neural network analysis to examine denial-of-service attacks.
Their research shown that, compared to alternative methods, their neural network methodology
detects DoS attacks more precisely and accurately [30].

Wu (2009) introduced a hybrid approach to spam filtering that combines back-propagation

neural networks with rule-based processing. Due to the frequent changes in spamming
behaviours, their approach proved to be significantly more robust than prior keyword-based
spam detection systems [31].

9|Page
In 2009, Salvador et al. presented a unique neural network-based zombie PC detection
technique.

In 2010, Bitter et al. introduced a range of host-based and network-based intrusion detection
systems, with a particular emphasis on artificial neural network-based systems that identify
potentially hostile and suspicious traffic [26].

The neural network-based intrusion detection system (IDS) created by Al-Janabi and Saeed
(2011) can quickly identify and categorise a variety of threats [33].

Barman and Khataniar (2012) have investigated the creation of neural network-based IDSs.
According to their testing, the system they suggested has intrusion detection rates that are
comparable to those of other IDSs on the market, but it can detect DoS attacks at least 20.5
times faster [34].

Applications of Intelligent Agents

Autonomous computer-generated entities known as intelligent agents interact with one another
to exchange information and work together to organise and carry out suitable actionsin the face
of unanticipated events. It makes sense to use intelligent agent technologies to stop
cyberattacks because of its collaborative nature, mobility, and adaptability in the situations in
which they are used.

Rowe (2003) created a "counterplan" system that uses multi-agent planning and a few cutting-
edge inference techniques to stop specific cyberattack strategies [35].

A multi-agent system called MWDCM is used in metropolitan area networks to detect and
contain computer worms, was created by Gou et al. (2006). Worms that crash routers and use
a lot of network bandwidth are immediately stopped from spreading.

The results of the studies shown that, even at high worm infection rates, their method
successfully prevents worm propagation [36].

A distributed agent coalition system was introduced by Phillips et al. (2006) to safeguard
distributed electric power grids from attacks, mistakes, and hostile insiders while maintaining
regular operations and implementing operational and security strategies [37].

In order to combat cyberattacks,A mobile intelligent multi-agent system technique based on

synthesis was proposed by Helano and Nogueira (2006) . They used Prologue to develop their

10 | P a g e
system, which they then used to automatically and manually tackle distributed denial-of-
service (DoS) attacks [4].

A system for cooperative and adaptive defence measures against Internet threats was presented
by Kotenko and Ulanov in 2007. They use intelligent multi-agent modeling and simulation as
the foundation for their approach, where groups of intelligent agents communicate with one
another and modify their configuration and behaviour in response to the strength of assaults
and the state of the network. They looked into distributed DoS assaults and defences to test
their methodology. The findings demonstrated that intelligence agent groups' capacity for
cooperation and adaptation significantly increases defence effectiveness [38].

A flexible and adaptable Connectionist for mobile visualization An intrusion detection system
based on agents was proposed by Herrero et al. (2007). It helps with intrusion detection in
dynamic networks. Artificial neural networks are the method that intelligent agents utilise to
find network intrusions [39].

An abstract model based on multi-agent technology and inspired by the biological immune
system was presented by Fu et al. (2007) for anomaly identification in networks. In order to
respond to intrusions and lessen the harm and infection, they applied it to the host and network
layer [40].

According to Edwards et al.'s 2007 research, intelligent agent technology has the ability to
enhance power grid response and operation while thwarting known threats and lessening or
eliminating their effects.

They demonstrated a prototype of the Multi-Layered Security Model (MLSM), which offers
defence against erroneous input as well as the capacity to identify and counteract unidentified
attack tactics (such as hostile input from the Internet or local agent disruption) [41].

Kotenko et al. (2010) investigated multi-agent based methods for analyzing and countering
botnets, which are expanding quickly on the Internet and are utilized in a range of cyberattacks,
including distributed denial-of-service attacks, vulnerability scanning, and massive spam e-
mail campaigns. They offered a framework description and implementation for these systems
[42]
.

an AIS-based ad hoc network security architecture that makes use of several agents, divided
into two categories: counterattack and detection agents.was made available by Ye and Li in
2010. Their design integrates the advantages of intelligent agent technology and AIS,

11 | P a g e
improving mobile ad hoc network security and protection. Its characteristics include dispersion,
expandability, self-adaptation, and self-learning [43]. In order to defend power grid automation
systems against cyberattacks, which can originate from internal networked sources or the
Internet,In 2010, Wei and colleagues introduced a theoretically layered approach. A constituent
of their structure comprises security agents, a subset of which have intelligence and may
identify invasive occurrences and actions within the controllers.

Testing a prototype of the suggested method produced findings that demonstrated the system's
potential to control and lessen a few prevalent power grid automation system security issues
[44]
. Security Audit as a Service is the name of a cloud-based incident detection system (SaaS),
that was first developed by Doelitzscher et al. (2011). Their technology is built on intelligent
autonomous agents that understand the underlying business processes of deployed cloud
instances; this allows for cross-customer event monitoring of a cloud infrastructure to be
supported and flexible [45].

A distributed intrusion detection system (IDS) was proposed by Shosha et al. (2011) to detect
cyber intrusions in Supervisory Control and Data Acquisition (SCADA) networks. The system
is built on community collaboration among several agents.The suggested design includes the
SCADA network topology as well as connection limitations [46].

Ionita and Ionita (2013) proposed employing data mining to detect network intrusions using a
multi-intelligent agent-based technique [47]

Applications of Artificial Immune Systems

Maintaining stability in a dynamic environment is their function, just like that of biological
immune systems, which form the basis of adaptive immune systems (AISs). Antigens and
immuneocytes (self-tolerance, clone, variation, etc.) are simultaneously identified in immune-
based intrusion detection. The immune system produces antibodies to fight diseases, and
differences in the amount of these antibodies can be used to gauge the extent of invasion. AISs
are therefore essential in the study of cyber security [48]

An strategy for spam identification based on AIS-based email feature extraction was presented
by Sirisanyalak and Sornil (2007). The results of the performance evaluation revealed that the
suggested method is significantly more efficient in spam detection than other current systems,
with very low false positive and false negative rates (0.91% and 1.95%, respectively) [49].

12 | P a g e
As a reaction to threats in wireless mesh networks, Lebbe et al. (2007) proposed using hazard
theory (DT) in AIS during their examination of various intrusion detection system (IDS)
models. They classified network hazards using Self-organizing Maps (SOMs) as
classifiers.Their experiments verified their suggestion to apply DT to wireless mesh network
security [50].

Hong (2008) presented a hybrid learning technique based on AIS for anomaly detection in
computer systems [20].

Gianini et al. (2009) argued that ambient intelligence should be included in the AIS paradigm
for computer system security. Their extended model can give perceptual functions and
detecting capabilities in conjunction with device intelligence (for example, multimodal sensor
system interpretation) [51].

EshghiShargh (2009) investigated alternative IDS designs based on AISs to investigate the
advantages of AISs in particular and AI in general for enhancing IDSs .The findings
demonstrated how the AIS approach to IDS design would be beneficial for future applications
[52]
.

An antivirus system based on AIS was introduced by Chao and Tan (2009). "Strong detection
ability and good generalisation performance" are attributes of the recommended viral detection
system, according to the trial results [53].

Danforth (2009) studied the idea of expanding AISs for web server attack classification, which
might provide system administrators with a warning about the severity of the assault and aid in
the mitigation of direct attacks [54].

An AIS-based security framework with distributability, robustness, second response, and self-
recovery features was presented by Mohamed and Abdullah (2009) for mobile ad hoc
networks. Their method addressed a number of issues, including scalability and bandwidth
conservation, that were found in earlier pertinent studies [55].

Qiang and Yiqian (2010) presented a network security situation evaluation methodology based
on AIS. This model can both quantitatively and in real time assess the security state of the
system and provide the necessary assistance for real-time defence measure changes.
Theoretical study and testing demonstrated the model's efficiency in real-time anomaly
detection for network security [56].

13 | P a g e
A self-learning intrusion response mechanism based on AIS that can identify and categorise
unknown threats was proposed by Rui and Wanbo (2010). A dynamic reaction decision-making
mechanism is part of their approach, which may adjust defensive methods in response to
environmental changes and maintain system safety at the lowest possible cost.The trials
demonstrated that their model possesses traits such as self-adaptation, rationality, quantitative
computation, and efficient intrusion response [48].

Endy et al. (2010) employed SOMs to visualise data topology in order to do cluster analysis on
cyber terrorism textual texts [57].

Yang et al. (2011) introduced a network security evaluation model based on AIS theory for
quantitative analysis of the degree of intrusion risk level, and demonstrated its advantages over
existing network security evaluation models [58].

Liu et al. (2011) created an AIS-based intrusion detection system in an Internet of Things (IoT)
environment by mimicking self-adaptation and self-learning mechanisms through dynamic
environment adaptation..According to the study of their proposal, their model provides a novel
effective intrusion detection method for the Internet of Things [59].

To enhance smart grid cyber security, Zhang et al. (2011) presented SGDIDS, a novel
hierarchical distributed intrusion detection system. Among the features of their system is an
intelligent module that employs AIS to identify and categorise malicious data and possible
cyberthreats. The simulation results demonstrated that their technique is useful for detecting
malicious network traffic and increasing system security [60].

Ansari and Inamullah (2011) suggested an AIS-based upgrade for anomaly detection and
demonstrated how their model improves AIS performance in applications such as anomaly
detection, security, error detection, and data mining in mobile ad hoc networks [61].

Fang et al. (2012) suggested a phishing detection AIS based on memory and mature detectors.
According to the analysis, their approach is unique, more versatile, and adaptive than other
[62]
existing phishing detection systems .IISGP is a novel AIS-based approach for Smart Grid
protection presented by Mavee and Ehlers (2012).

They wanted to create a bio-inspired AIS model for intrusion detection, access control, and
anomaly detection in critical infrastructures that are increasingly reliant on cyber technology

14 | P a g e
[63]
. A unique agent-based intrusion detection solution for wireless networks was created by
Kumar and Reddy in 2014 to identify and prevent intrusions by preventing or delaying
transmission across the intrusive channels. Information is collected by the system from multiple
nodes and combined using an evolutionary artificial intelligence system (AIS). According to
the experimental results, the system is highly suited for intrusion detection and prevention in
wireless networks [64].

Genetic and Fuzzy Sets Algorithm Applications

A genetic algorithm-based learning technique for anomaly detectors to detect possible threats
was presented by Kim et al. in 2004. They demonstrated the efficiency of their approach in
intrusion detection using an artificial computer security system [65].

A fuzzy host-based intrusion detection system utilizing data mining techniques and the
underlying operating system capacity was proposed by Sekeh and Bin Maarof (2009). The
simulation results revealed that the suggested system enhances performance while decreasing
database size, time complexity, and false alarm rate [66].

A novel fuzzy network intrusion detection method based on class-association-rule mining in

genetic network programming was introduced by Mabu et al. (2011).

The suggested method may manage heterogeneous databases with both discrete and continuous
features, potentially mining significant class-association rules for improved intrusion detection.
It is also flexible and effective for anomaly and misuse detection in networks. Experiments and
evaluation of the suggested method showed that it gives competitively high detection rates
when compared to other machine-learning techniques [67].

GAIDS, a Genetic Algorithm Rule-Based Intrusion Detection System, was presented by Ojugo
et al. (2012) with the intention of improving system integrity, security, availability, and
confidentiality in networked contexts. The proposed system employs a set of classification
rules derived from network audit data, as well as the support-confidence framework, which is
employed as a fitness function to assess the quality of each rule [68].

Hassan (2013) created an intrusion detection system (IDS) that uses fuzzy logic and a genetic
algorithm to efficiently identify various forms of intrusive activity taking place within a
network. Because it may update rules in response to the discovery of new invasive actions, the
system is both adaptable and economical. The results of the experiments and evaluations
revealed that the suggested system obtained a reasonable intrusion detection rate [69].

15 | P a g e
A fuzzy genetic algorithm-based network intrusion detection system was presented by
Jongsuebsuk et al. (2013). Data related to network attacks is classified using fuzzy rules, and
the process of choosing the optimal fuzzy rule is optimised via evolutionary algorithms.
According to the evaluation results, the suggested IDS can detect network attacks in real-time
(or within 2-3 seconds) when data arrives to the detection system, with a detection rate of more
than 97.5% [70].

A fuzzy intrusion detection system based on anomalies was developed by Chaudhary et al.
(2014) to identify packet dropping attacks in mobile ad hoc networks. The simulation results
indicated that the proposed system can identify packet dropping attacks with high positive and
low false positive rates across all mobile node speed levels [71].

Benaicha et al. (2014) expanded the genetic algorithm-based network intrusion detection model
by including an upgraded initial population and a selection operator. In a manageable period
of processing time, this model generated a subset of potential assaults by optimizing the search
for attack scenarios in audit files. They used a genetic algorithm technique because it improves
performance and lowers false positives [72].

A multilayer genetic algorithm-based intrusion detection system was introduced by Padmadas

et al. (2014). Its goal is to keep an eye on actions inside a given setting and assess whether they
are malicious or not by taking into account aspects like system integrity, confidentiality, and
the availability of information resources. The testing findings demonstrated that the proposed
system detects R2L assaults with 90% accuracy [73].

Further Applications of AI

Examples of hybrid and alternative applications can be found in this section.

Machado and colleagues introduced a unique mobile intelligent agent and AIS-based network
intrusion detection model in 2005. They also showed that their method can differentiate
between different types of attacks, breaches in security, and other security lapses. The
experimental results demonstrated that their model is a major improvement over earlier work
in the field [74].

Pei and Song (2008) presented a hybrid technique that combines fuzzy-detectors with immune
algorithms' searching power to improve intrusion detector performance in intrusion detection
systems. The studies demonstrated the immune algorithm's superior searching capacity.

16 | P a g e
Fuzzy detection algorithms were also shown to reduce detector frangibility and enhance
detection precision [75].

Zhou (2009) created a way to create an intrusion detection model that can identify abuse as
well as abnormalities by fusing AIS methods with neural networks. The evaluation and testing
findings revealed that intrusion detection accuracy was high with a low false alarm rate [76].

Neural networks and AISs are recommended for computer system threat detection (Golovko
et al., 2010).They detailed the ideas and architecture of such a system [77].

Elsadig et al. (2010) presented a revolutionary method for bio-inspired intrusion prevention
and self-healing systems. They presented a unique AIS-based intrusion prevention system
(IPS) that employs an intelligent multi-agent system for non-linear classification to detect,
prevent, and cure detrimental or dangerous events in a network system [78].

AIS-based intrusion detection system (IDS) was introduced by Zhou et al. (2011) to fight
viruses with "virus." They implanted "virus" and cloned variations of "virus" into immune IDSs
using e-learning to strengthen system immunity and reduce invasion or attack behaviours [79].

Ou et al. (2011) proposed ABAIS, a multi-agent based AIS for IDSs with memory and learning
capabilities. Either the computer host or the security operating centre activates the immune
response to harmful activities. The experimental findings demonstrated that ABAIS can detect
malicious intrusions successfully [80].

Meng (2011) developed a security-coordination model for artificial homeostasis based on his
research on the Neuro-Endocrine-Immune system's holistic intelligence. A prototype of the
model was used to create an e-governance system. According to the findings, an artificial
homeostatic model can combine many security solutions to coordinate intrusion detection,
security management, and the prevention of possible assaults or system security vulnerabilities
[81]
.

Dove (2011) examined the drawbacks of merely searching the cyber world for well-known
attack patterns and the identification of anomalous behavior. He proposed that these problems
may be handled by creating a model that uses a sense-making hierarchy to reduce false positive
rates and continuously learns and re-profiles typical behavior. The architecture is built on
biological immune system-inspired process patterns mixed with hierarchical sense-making [82].

17 | P a g e
A host-based, multilayered intrusion detection system including biological influences was
proposed by Jiang et al. (2011). Sequential pattern recognition and several detection engines
serve as its foundation. The outcomes showed that, in comparison to other current methods,
their model can accurately identify the location where anomalies are likely to occur and can
discern between damaging attacks and unfamiliar actions with ease. They also claimed that
their research lays the groundwork for a smart and computationally simple real-time strategy
to detecting unknown malware and harmful attacks in large-scale complicated networks [83].

Ferreira et al. (2011) introduced an intrusion detection system (IDS) that utilizes the widely
used Knowledge Discovery and Data Mining (KDD) framework in conjunction with wavelet
and artificial neural networks (ANN). Their experiment demonstrated a high rate of intrusion
detection [84].

A basic network-based intrusion detection and prevention system (IDPS) that employs a variety
of machine learning methods to identify and categorize network threats was first presented by
Wattanapongsakorn et al. (2012). They tested it in an online network environment, and the
findings shown that the suggested IDPS quickly and accurately detects the two main types of
attacks: probing attacks and denial-of-service (DoS) attacks, in addition to automatically
defending the computer network against attacks. Additionally, it worked well against
unidentified types of network intrusions [85].

Aziz et al. (2012) created a network intrusion detection system with inspiration from AIS. using
deterministic-crowding niching and genetic algorithm-generated detectors. Their overall
average detection rate was 81.74% [86].

An innovative IDPS that may provide solutions for cloud computing intrusion detection and
prevention–a prime target for potential cyberattacks—was introduced by Patel et al. (2013).
They defined the following needs for an ideal cloud-based IDPS: self-management of
autonomic computing, ontology, risk management, and fuzzy theory [24].

GAAIS, a dynamic intrusion detection technique for mobile ad hoc networks based on genetic
algorithms and artificial intelligence, was introduced by Barani (2014). GAAIS can adjust to
changes in network topology on its own. The suggested system's performance was examined
for detecting a number of routing attack types, including wormhole, blackhole, neighbour,
surging attacks and flooding. The experimental findings showed that it is more efficient than
similar approaches [87].

18 | P a g e
 AI Applications' Advantages for IDPSs.

AI approaches bring several benefits to intrusion detection and prevention.Certain AI

techniques are beneficial for preventing and detecting intrusions. Technology's Advantages
Artificial Neural Networks (ANNs); studying by doing Parallel information processing;
Working with complex nonlinear functions is a requirement of nonlinearity.

Superiority over complicated and difficult differential equations; Resistance to noise and
inadequate data; Versatility and flexibility with learning models Intuitiveness - since they are
based on biological neural networks [26].

Intelligent Agents Mobility; Helpfulness - they always try to complete activities with opposing
goals; Rationality - in attaining their goals; Adaptability - to the surroundings and the
preferences of the user; Collaboration entails being aware that a human user can make mistakes
and present ambiguous or omitted information; consequently, they should not accept
instructions without first considering and verifying for inconsistencies with the user [4].

Artificial Immune Systems (AIS) with a flexible structure;

Distributed learning and parallelism relate to the use of parallelism and data network
connectivity injobs that need removal and detection. self-adaptability and self-organization—
updating invasion markers on their own without help from humans; worldwide stability; The
goal of selective response is to eliminate hostile activity in the most efficient manner possible.
A detector node must produce a statistically distinct collection of non-self-detectors in order to
be deemed varied. reduction in the utilization of resources Multi-layered structure: Since
numerous tiers of diverse structures are in charge of keeping an eye on a given area, attackers
are unable to successfully carry out their destructive activities by neglecting a single layer.
Disposability entails not relying on a single component that can be easily replaced by another
[52, 56, 88]
.

Algorithms Based on Genetic Information Robustness; environmental adaptability;

Optimisation is the process of delivering optimal solutions to even the most complicated
computing issues. Parallelism is the ability to evaluate different schemas at the same time.
Global search that is both flexible and robust [21, 86].

The robustness of their interpolative reasoning technique in fuzzy sets; Human-friendliness -

interoperability [89, 90].

19 | P a g e
 Current Anomaly Detection/Prevention System Limitations

Though they have significant flaws that need to be corrected, anomaly detection systems are
able to discover attacks that were previously unreported. The main issue is that it is challenging
to develop an accurate model of appropriate behavior and attack levels. Normal behavior is
subject to quick and easy alteration, which may result in a high rate of false positive alarms.
These alerts may be the consequence of unusual behavior that is both acceptable and typical.
Other constraints are as follows [25, 26, 29]:

• A wide-ranging training set of typical system operations is required for the anomaly detection
system to be able to characterise normal patterns and develop a model of normal behaviour.

•If a lawful action is mistakenly categorized as harmful by the detection and prevention system,
it might have serious consequences as it will attempt to change or stop it.

•No matter how good an intrusion detection system is, if an attacker figures out how to work
it, they can turn it off.

• There is also the difficulty of integrating information from diverse sources in heterogeneous
contexts.No matter how good an intrusion detection system is, if an attacker figures out how to
work it, they can turn it off.

Scope for Future Work

Cyber security should be given far more attention. Given human limits and the intelligence of
agents such as computer viruses and worms, network-centric environments necessitate
intelligent cyber sensor agents (or computer-generated forces) that detect, evaluate, and
respond to cyber-attacks in real time [3].

Thinking forward and doing more research will be necessary when using AI techniques for
cyber defence.Since network-centric warfare poses a challenge to knowledge management,
research on the use of modular and hierarchical information architecture in decision-making
software seems promising. Automated knowledge management is the only approach to
guarantee superior decision-making and quick scenario analysis.

It's also feasible that the Singularity—the ultimate goal of AI research—will be reached in the
not-too-distant future when artificial general intelligence is produced, which is defined as "the
technological creation of smarter-than-human intelligence." Nonetheless, it is critical that we

20 | P a g e
have the ability to deploy stronger AI technologies in cyber defence than the perpetrators do
[5]
.

Furthermore, much more study is required before we can build trustworthy, deployable
intelligent agent systems capable of managing distributed infrastructures. Future research
should look for a theory of group utility function that will allow groups of agents to make
decisions [37].

Future work on improving IDPSs will make advantage of new techniques and unsupervised
learning algorithms, be evaluated jointly in order to construct hybrid IDPS, which will increase
anomalous performance detection of intrusions [85].

Furthermore, merging various AI technologies will become the primary focus.

Trends in the realm of anti-virus technologies [7].

There are various ethical and legal issues that develop as a result of computer security and
forensics.

Technology is rapidly evolving. Online power struggles and privacy concerns are a couple of
these issues.

Due process issues from an ethical or legal perspective. Numerous moral and legal concerns

Questions arise in light of this technology's possible autonomy.

The questions such as "to what extent can an artificial neural network replace human
judgement", "to what degree do we want to allow technology to take human roles" and "what
legal precedent can be applied to machines" need to be addressed [91].

Conclusion

Our lives have been greatly improved by the tremendous progress of information technology,
which has brought us several conveniences, but it also introduced uncontrollable problems, like
the increase in cybercrime. The evolution of criminal proceedings keeps pace with
technological advancements. The quantity and variety of cybercrimes are rising daily as a result
of new technology that makes it easier for thieves to accomplish their goals. Particularly at risk
is critical infrastructure.

Since artificial intelligence (AI) approaches allow IDPS software flexibility and learning
capabilities, they are already being utilized to support humans in the battle against cybercrime.

21 | P a g e
It's clear that decision-making procedures involving a large amount of knowledge consumption
require intelligent decision assistance when it comes to cyber defense, and AI technology may
successfully give this support.

Scholarly research indicates that AI techniques can be used in many different contexts to stop
cybercrime. The use of AI approaches to fight cybercrime has advanced recently, and this paper
has evaluated those developments, along with their desired features and current limits, as well
as the potential for further research.

REFERENCES

• H. Chen, F. Y. Wang, (2005) “Guest Editors' Introduction: Artificial Intelligence for

Homeland Security”, IEEE intelligent systems, Vol. 20, No. 5, pp. 12–16. International
Journal of Artificial Intelligence & Applications (IJAIA), Vol. 6, No. 1, January 2015
35

• D. Dasgupta, (2006) “Computational Intelligence in Cyber Security”, IEEE

International Conference on Computational Intelligence for Homeland Security and
Personal Safety (CIHSPS 2006), pp. 2–3

• M. R. Stytz, D. E. Lichtblau, S. B. Banks, (2005) “Toward using intelligent agents to

detect, assess, and counter cyberattacks in a network-centric environment”, Ft. Belvoir
Defense Technical Information Center, 1. Edition, Alexandria, VA.

• J. Helano, M. Nogueira, (2006) “Mobile Intelligent Agents to Fight Cyber Intrusions”,

The International Journal of Forensic Computer Science (IJoFCS), Vol. 1, pp. 28-32.

• E. Tyugu, (2011) “Artificial intelligence in cyber defense”, 3rd International

Conference on Cyber Conflict (ICCC 2011), pp. 1–11.

• A. Patel, M. Taghavi, K. Bakhtiyari, J. Celestino Júnior, (2012) “Taxonomy and

Proposed Architecture of Intrusion Detection and Prevention Systems for Cloud
Computing”, Y. Xiang et al. (Eds.), Springer-Verlag Berlin Heidelberg, pp. 441 458.

22 | P a g e
• X. B. Wang, G. Y. Yang, Y. C. Li, D. Liu, (2008)” Review on the application of
Artificial Intelligence in Antivirus Detection System”, IEEE Conference on
Cybernetics and Intelligent Systems, pp. 506 509.

• H. Çakir, E. Sert, (2011) “Bilişim Suçlari Ve Delillendirme Süreci”, Örgütlü Suçlar ve

Yeni Trendler. O. Ö. Demir, M. Sever, (Eds.), Uluslararası Terörizm ve Sınıraşan
Suçlar Sempozyumu (UTSAS 2010) Seçilmiş Bildirileri, Ankara: Polis Akademisi
Yayınları, Ankara, pp. 143.

• N. Doğan, (2008) “Türkiye’de Bilişim Suçlarına Bakış”, Popüler Bilim, Vol. 8, No. 3,
pp. 14-17.

• A. S. Poonia, A. Bhardwaj, G. S. Dangayach, (2011) “Cyber Crime: Practices and

Policies for Its Prevention”, The First International Conference on Interdisciplinary
Research and Development, Special No. of the International Journal of the Computer,
the Internet and Management, Vol. 19, No. SP1.

• H. Dijle, N. Doğan, (2011) “Türkiye’de Bilişim Suçlarına Eğitimli İnsanların Bakışı”,

Bilişim Teknolojiler Dergisi, Vol. 4, No. 2.

• S. Gordon, R. Ford, (2006) “On the definition and classification of cybercrime”,

Journal in Computer Virology, Vol. 2, No. 1, pp. 13 20.

• B. S. Fisher, S. P. Lab, (2010) Encyclopedia of Victimology and Crime Prevention,

SAGE Publications, Vol. 1, pp. 251, USA.

• S. W. Brenner, (2010) Cybercrime: Criminal Threats from Cyberspace, Greenwood

Publishing Group, Library of Congress Cataloging-in-Publication Data, USA.

• E. S. Brunette, R. C. Flemmer, C. L. Flemmer, (2009) “A review of artificial

intelligence”, Proceedings of the 4th International Conference on Autonomous Robots
and Agents, pp. 385 392.

• J. S. Russell, P. Norvig, (2003) Artificial Intelligence: A Modern Approach, 2nd

edition, Upper Saddle River, Prentice Hall, New Jersey, USA.

• G. Luger, W. Stubblefield, (2004) Artificial Intelligence: Structures and Strategies for

Complex Problem Solving, 5th edition, Addison Wesley.

23 | P a g e
• Artificial Intelligence, Wikipedia, http://en.wikipedia.org/wiki/Artificial_intelligence,
(24/11/2014)

• L. Hong, (2008) “Artificial Immune System for Anomaly Detection”, IEEE

International Symposium on Knowledge Acquisition and Modeling Workshop, pp. 340
– 343.

• N. A. Alrajeh, J. Lloret, (2013) “Intrusion Detection Systems Based on Artificial

Intelligence Techniques in Wireless Sensor Networks,” International Journal of
Distributed Sensor Networks, Vol. 2013, Article ID 351047.

• S. Shamshirband, N. B. Anuar, M. L. M. Kiah, A. Patel, (2013) “An appraisal and

design of a multiagent system based cooperative wireless intrusion detection
computational intelligence technique,” Engineering Applications of Artificial
Intelligence, Vo. 26, pp. 2105–2127.

• K. P. Kaliyamurthie, R. M. Suresh, (2012) “Artificial Intelligence Technique Applied

to Intrusion Detection”, International Journal of Computer Science and
Telecommunications, Vol. 3, No. 4, pp. 20 25.

• A Patel, M. Taghavi, K. Bakhtiyari, J. Celestino Junior, (2013) “An intrusion detection

and prevention system in cloud computing: A systematic review”, Journal of Network
and Computer Applications, Elsevier, Vol. 36, pp. 25–41.

• A. Patel, Q. Qassim, Z. Shukor, J. Nogueira, J. Júnior, C. Wills, (2010) “Autonomic

Agent-Based Self-Managed Intrusion Detection and Prevention System,” Proceedings
of the South African Information Security Multi-Conference (SAISMC 2010), Port
Elizabeth, South Africa, May 17-18, 2010. International Journal of Artificial
Intelligence & Applications (IJAIA), Vol. 6, No. 1, January 2015 36

• C. Bitter, D.A. Elizondo, T. Watson, (2010) “Application of Artificial Neural Networks

and Related Techniques to Intrusion Detection”, IEEE World Congress on
Computational Intelligence (WCCI 2010), pp. 949 – 954.

• Y. Chen, (2008) “NeuroNet: Towards an Intelligent Internet Infrastructure”, 5th IEEE

Consumer Communications and Networking Conference (CCNC 2008), pp. 543 547.

24 | P a g e
• L. Ondrej, T. Vollmer, M. Manic, (2009) “Neural Network Based Intrusion Detection
System for Critical Infrastructures”, Proceedings of International Joint Conference on
Neural Networks, pp. 1827 1834.

• F. Barika, K. Hadjar, N. El-Kadhi, (2009) “Artificial neural network for mobile IDS
solution”, Security and Management, pp. 271–277.

• A. Iftikhar, B.A. Azween, A. S. Alghamdi, (2009) “Application of artificial neural

network in detection of dos attacks,” Proceedings of the 2nd ACM international
conference on Security of information and networks, pp. 229–234.

• C. H. Wu, (2009) “Behavior-based spam detection using a hybrid method of rule-based

techniques and neural networks,” Expert Systems with Applications, Vol. 36, Issue. 3,
Part: 1, pp. 4321–4330.

• P. Salvador, A. Nogueira, U. Franca, R. Valadas, (2009) “Framework for Zombie

Detection using Neural Networks”, Fourth International Conference on Internet
Monitoring and Protection (ICIMP '09), pp.14 – 20.

• S. T. F. Al-Janabi, H. A. Saeed, (2011) “A Neural Network Based Anomaly Intrusion

Detection System”, Developments in E-systems Engineering (DeSE), pp. 221 – 226.

• D. K. Barman, G. Khataniar, (2012) “Design of Intrusion Detection System Based On

Artificial Neural Network And Application Of Rough Set”, International Journal of
Computer Science and Communication Networks, Vol. 2, No. 4, pp. 548-552.

• N. C. Rowe, “Counterplanning Deceptions to Foil Cyber-Attack Plans”, Proceedings

of the 2003 IEEE Workshop on Information Assurance, United States Military
Academy, West Point, Information Assurance Workshop, pp. 203 210.

• X. Gou, W. Jin, D. Zhao, (2006) "Multiagent system for worm detection and
containment in metropolitan area networks", Journal of Electronics, Vol. 23, No. 2, pp.
259-265.

• L. Phillips, H. Link, R. Smith, L. Weiland, (2006) Agent-Based Control of Distributed

Infrastructure Resources, U.S. Department of Energy, Sandia National Laboratories,
USA. [38] I. Kotenko, A. Ulanov, (2007) “Multi-Agent Framework fo Simulation of
Adaptive Cooperative Defense Against Internet Attacks”, International Workshop on

25 | P a g e
 Autonomous Intelligent Systems: Agents and Data Mining (AIS-ADM 2007), Springer-
Verlag, Berlin Heidelberg, vol. 4476, pp. 212– 228.

• E. Herrero, M. Corchado, A. Pellicer, A. Abraham, (2007) “Hybrid multi agent-neural

network intrusion detection with mobile visualization”, Innovations in Hybrid
Intelligent Systems, Vol. 44, pp. 320 328.

• H. Fu, X. Yuan, K. Zhang, X. Zhang, Q. Xie, (2007) “Investigating Novel Immune-

Inspired MultiAgent Systems for Anomaly Detection”, The 2nd IEEE Asia-Pacific
Service Computing Conference, pp. 466 472.

• D. Edwards, S. Simmons, N. Wilde, (2007) “Prevention, Detection and Recovery from

Cyber-Attacks Using a Multilevel Agent Architecture”, IEEE International Conference
on System of Systems Engineering (SoSE '07), pp. 1 – 6.

• D. Edwards, S. Simmons, N. Wilde, (2007) “Prevention, Detection and Recovery from

Cyber-Attacks Using a Multilevel Agent Architecture”, IEEE International Conference
on System of Systems Engineering (SoSE '07), pp. 1 – 6

• I. Kotenko, A. Konovalov, A.Shorov, (2010) “Agent-Based modeling and Simulation

of Botnets and Botnet Defence”, Proceeding of Conference on Cyber Conflict (CCD
COE). [43] X. Ye, J. Li, (2010) “A Security Architecture Based on Immune Agents for
MANET”, International Conference on Wireless Communication and Sensor
Computing (ICWCSC 2010), pp. 1 5.

• D. Wei, Y. Lu, M. Jafari, P. Skare, K. Rohde, (2010) “An Integrated Security System
of Protecting Smart Grid against Cyber Attacks”, Innovative Smart Grid Technologies
(ISGT), pp. 1 7.

• F. Doelitzscher, C. Reich, M. Knahl, N. Clarke, (2011) "An Autonomous Agent Based

Incident Detection System for Cloud Environments," IEEE Third International
Conference on Cloud Computing Technology and Science (CloudCom), pp.197-204

• I. Ionita, L. Ionita, (2013) "An agent-based approach for building an intrusion detection
system," 12th International Conference on Networking in Education and Research

26 | P a g e
 (RoEduNet), pp.1-6. International Journal of Artificial Intelligence & Applications
(IJAIA), Vol. 6, No. 1, January 2015 37

• L. Rui, L. Wanbo, (2010) “Intrusion Response Model based on AIS”, International

Forum on Information Technology and Applications (IFITA), Vol. 1, pp. 86 – 90.

• B. Sirisanyalak, O. Sornil, (2007) “An artificial immunity-based spam detection

system”, IEEE Congress on Evolutionary Computation (CEC 2007), pp. 3392 3398.

• M. A. Lebbe, J. I. Agbinya, Z. Chaczko, F. Chiang, (2007) “Self-Organized

Classification of Dangers for Secure Wireless Mesh Networks”, Australasian
Telecommunication Networks and Applications Conference, pp. 322 – 327.

• G. Gianini, M. Anisetti, A. Azzini, V. Bellandi, E. Damiani, S. Marrara, (2009) “An

Artificial Immune System approach to Anomaly Detection in Multimedia Ambient
Intelligence”, 3rd IEEE International Conference on Digital Ecosystems and
Technologies, pp. 502 – 506.

• A. EshghiShargh, (2009) “Using Artificial Immune System on Implementation of

Intrusion Detection Systems”, Third UKSim European Symposium on Computer
Modeling and Simulation, pp. 164 168.

• R. Chao, Y. Tan, (2009) “A Virus Detection System Based on Artificial Immune

System”, International Conference on Computational Intelligence and Security, Vol. 1,
pp. 6 – 10.

• M. Danforth, (2009) “Towards a Classifying Artificial Immune System for Web Server
Attacks”, International Conference on Machine Learning and Applications, pp. 523 –
527.

• Y. A. Mohamed, A. B. Abdullah, (2009) “Immune Inspired Framework for Ad Hoc

Network Security”, IEEE International Conference on Control and Automation, pp.
297 – 302.

27 | P a g e
• H. Qiang, T. Yiqian, (2010) “A Network Security Evaluate Method Base on AIS”,
International Forum on Information Technology and Applications (IFITA), Vol. 2, pp.
42 – 45.

• E. Endy, C. Lim, K. I. Eng, A. S. Nugroho, (2010) “Implementation of intelligent

searching using self-organizing map for webmining used in document containing
information in relation to cyber terrorism”, Second International Conference on
Advances in Computing, Control, and Telecommunication Technologies, pp. 195 – 197.

• J. Yang, T. F. Wang, C. M. Liu, B. Li, (2011) “Improved Agent Model for Network
Security Evaluation Based on AIS”, Fourth International Conference on Intelligent
Computation Technology and Automation (ICICTA), Vol. 1, pp. 151 – 154.

• C. Liu, J. Yang, Y. Zhang, R. Chen, J. Zeng, (2011) “Research on Immunity-based

Intrusion Detection Technology for the Internet of Things”, Seventh International
Conference on Natural Computation (ICNC), Vol. 1, pp. 212 – 216.

• Y. Zhang, L. Wang, W. Sun, R. C. Green II, M. Alam, (2011) “Artificial Immune

System based Intrusion Detection in A Distributed Hierarchical Network Architecture
of Smart Grid”, IEEE Power and Energy Society General Meeting, pp. 1 – 8.

• M. S. A. Ansari, M. Inamullah, (2011) “Misbehavior detection in mobile ad hoc

networks using Artificial Immune System approach”, IEEE 5th International
Conference on Advanced Networks and Telecommunication Systems (ANTS), pp. 1 – 6.

• X. Fang, N. Koceja, J. Zhan, G. Dozier, D. Dipankar, (2012) “An Artificial Immune

System for Phishing Detection”, IEEE World Congress on Computational Intelligence
(WCCI 2012), pp.1 7.

• S. M. A. Mavee, E. M. Ehlers, (2012) “A Multi-Agent Immunologically-Inspired

Model for Critical Information Infrastructure Protection”, IEEE 11th International
Conference on Trust, Security and Privacy in Computing and Communications, pp.
1089 – 1096.

28 | P a g e
• G.V.P. Kumar, D.K. Reddy, (2014) "An Agent Based Intrusion Detection System for
Wireless Network with Artificial Immune System (AIS) and Negative Clone
Selection," International Conference on Electronic Systems, Signal Processing and
Computing Technologies (ICESC), pp. 429-433.

• D. W. Kim, J. W. Yang, K. B. Sim, (2004) “Adaptive Intrusion Detection Algorithm

based on Learning Algorithm”, The 30th Annual Conference of the IEEE Industrial
Electronics Society, Vol. 3, pp. 2229 – 2233.

• M. A. Sekeh, M. A. Bin Maarof, (2009) "Fuzzy Intrusion Detection System via Data
Mining Technique with Sequences of System Calls," Fifth International Conference on
Information Assurance and Security (IAS '09.), Vol.1, pp.154-157.

• S. Mabu, C. Chen, L. Nannan, K. Shimada, K. Hirasawa, (2011) "An Intrusion-

Detection Model Based on Fuzzy Class-Association-Rule Mining Using Genetic
Network Programming," IEEE Transactions on Systems, Man, and Cybernetics, Part
C: Applications and Reviews, Vol.41, No.1, pp.130-139.

• A.A. Ojugo, A.O. Eboka, O.E. Okonta, R.E Yoro (Mrs), F.O. Aghware, (2012)
“Genetic Algorithm Rule-Based Intrusion Detection System (GAIDS),” Journal of
Emerging Trends in Computing and Information Sciences, Vol. 3, No. 8, pp. 1182 –
1194. International Journal of Artificial Intelligence & Applications (IJAIA), Vol. 6,
No. 1, January 2015 38

• M. Md. M. Hassan, (2013) “Network Intrusion Detection System Using Genetic

Algorithm and Fuzzy Logic”, International Journal of Innovative Research in
Computer and Communication Engineering, Vol. 1, No. 7.

• P. Jongsuebsuk, N. Wattanapongsakorn, C. Charnsripinyo, (2013) "Real-time intrusion

detection with fuzzy genetic algorithm," 10th International Conference on Electrical
Engineering/Electronics, Computer, Telecommunications and Information Technology
(ECTI-CON), pp.1-6.

29 | P a g e
• A. Chaudhary, V. N. Tiwari, A. Kumar, (2014) "Design an anomaly based fuzzy
intrusion detection system for packet dropping attack in mobile ad hoc networks," IEEE
International Conference on Advance Computing (IACC), pp. 256-261.

• S. E. Benaicha, L. Saoudi, S. E. Bouhouita Guermeche, O. Lounis, (2014) "Intrusion

detection system using genetic algorithm," Science and Information Conference (SAI),
pp. 564-568.

• M. Padmadas, N. Krishnan, J. Kanchana, M. Karthikeyan, (2013) "Layered approach

for intrusion detection systems based genetic algorithm," IEEE International
Conference on Computational Intelligence and Computing Research (ICCIC), pp.1-4.

• R. B. Machado, A. Boukerche, J. B. M. Sobral, K. R. L. Juca, M. S. M.A. Notare,

(2005) “A Hybrid Artificial Immune and Mobile Agent Intrusion Detection Based
Model for Computer Network Operations”, Proceedings of the 19th IEEE International
Parallel and Distributed Processing Symposium, pp. 191a.

• Z. Pei, J. Song, (2008) “Application of Immune Algorithm to Generate Fuzzy-detector

in Intrusion detection”, Fourth International Conference on Natural Computation
(ICNC), Vol. 5, pp. 183 186.

• Y. P. Zhou, (2009) “Hybrid Model based on Artificial Immune System and PCA Neural
Networks for Intrusion Detection”, Asia-Pacific Conference on Information
Processing, Vol. 1, pp. 21 – 24.

• V. Golovko, M. Komar, A. Sachenko, (2010) “Principles of Neural Network Artificial

Immune System Design to Detect Attacks on Computers”, International Conference on
Modern Problems of Radio Engineering, Telecommunications and Computer Science
(TCSET), pp. 237.

• M. Elsadig, A. Abdullah, B. B. Samir, (2010) “Immune Multi Agent System for

Intrusion Prevention and Self-Healing System Implement a Non-Linear Classification”,
International Symposium in Information Technology (ITSim), Vol. 3, pp.1 – 6.

30 | P a g e
• Z. S. Jing, S. W. Li, R. Hui, C. Z. Ting, Y. Yu, (2011) “Research of Intelligent Immune
Intrusion Detection System About Combating Virus with “Virus”, IEEE 2nd
International Conference on Software Engineering and Service Science (ICSESS), pp.
753 756.

• C.M. Ou, Y.T. Wang, C.R. Ou, (2011) “Intrusion Detection Systems Adapted from
Agent-based Artificial Immune Systems”, IEEE International Conference on Fuzzy
Systems, pp. 115 – 122.

• Q. Meng, (2011) “An Immune-Neuroendocrine-Inspired Inspired Artificial

Homeostatic SecurityCoordination Model for E-Government System”, 2nd
International Conference on Artificial Intelligence, Management Science and
Electronic Commerce (AIMSEC), pp. 6960 6963.

• R. Dove, (2011) “Self-Organizing Resilient Network Sensing (SornS) with Very

Large-Scale Anomaly Detection”, IEEE International Conference on Technologies for
Homeland Security (HST), pp. 487 – 493.

• F. Jiang, M. Frater, J. Hu, (2011) “A Bio-inspired Host-based Multi-engine Detection

System with Sequential Pattern Recognition”, Ninth IEEE International Conference on
Dependable, Autonomic and Secure Computing, pp. 145 – 150.

• E.W.T. Ferreira, G.A. Carrijo, R. de Oliveira, N.V. de Souza Araujo, (2011) "Intrusion
Detection System with Wavelet and Neural Artifical Network Approach for Networks
Computers," Latin America Transactions, IEEE (Revista IEEE America Latina) , Vol.
9, No. 5, pp. 832-837.

• N. Wattanapongsakorn, S. Srakaew, E. Wonghirunsombat, C. Sribavonmongkol, T.

Junhom, P. Jongsubsook, C. Charnsripinyo, (2012) “A Practical Network-based
Intrusion Detection and Prevention System”, IEEE 11th International Conference on
Trust, Security and Privacy in Computing and Communications, pp. 209 – 214.

• A. S. A. Aziz, M. A. Salama, A. Hassanien, S. E. Hanafi, (2012) “Artificial Immune

System Inspired Intrusion Detection System Using Genetic Algorithm”, Informatica,
Vol. 36, pp. 347 358.

31 | P a g e
• F. Barani, (2014) "A hybrid approach for dynamic intrusion detection in ad hoc
networks using genetic algorithm and artificial immune system," Iranian Conference
on Intelligent Systems (ICIS), pp.1 6.

• P. K. Harmer, P. D. Williams, G. H. Gunsch, G. B. Lamont, (2002) “An Artificial

Immune System Architecture for Computer Security Applications”, IEEE transactions
on evolutionary computation, Vol. 6, No. 3, pp. 252¬ 280. International Journal of
Artificial Intelligence & Applications (IJAIA), Vol. 6, No. 1, January 2015 39

• S. Sharma, S. Kumar, M. Kaur, (2014) “Recent Trend in Intrusion Detection using

Fuzzy-Genetic Algorithm,” International Journal of Advanced Research in Computer
and Communication Engineering, Vol. 3, No. 5.

• A. Einipour, (2012) “Autonomic Agent-Based Self-Managed Intrusion Detection and

Prevention System”, Global Journal of Computer Science and Technology Neural &
Artificial Intelligence, Vol. 12, No. 11, Version 1.0.

• B. Stahl, D. Elizondo, M. C. Mayer, Y. Zheng, K. Wakunuma, (2010) “Ethical and

Legal Issues of the Use of Computational Intelligence Techniques in Computer
Security and Computer Forensics”, International Joint Conference on Neural Networks
(IJCNN), pp. 1 8.

32 | P a g e