Data Mining Based Intrusion Detection

With popularization of internet, internet attack cases are increasing, and attack methods differs each day, thus information safety problem has became a significant issue all over the world. Nowadays, it is an urgent need to detect, identify and hold up such attacks effectively. Intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Intrusion detection does not, in general, include prevention of intrusions. Intrusion detection systems have been used along with the data mining techniques to detect intrusions. This paper intends to compare efficiency of machine learning methods in intrusion detection system, including classification tree and support vector machine, with the hope of providing reference for establishing intrusion detection system in future. It calculates the mean value via sampling different ratios of normal data for each measurement, which leads to reach a better accuracy rate in real world. It compares the detection rate and false alarm rate for attack types. As results indicate, C4.5 algorithm is better than SVM in detecting network intrusions and false alarm rate in KDD CUP 99 dataset.