Improving Intrusion Detection System Based on KNN and KNN-DS with detection of U2R, R2L attack for Network Probe Attack Detection
Authors
Abstract
This paper describes a hybrid design for intrusion detection that combines anomaly detection with misuse detection. The proposed method includes an ensemble feature-selecting classifier and a data mining classifier. The former consists of four classifiers using different sets of features, each of which employs a machine learning algorithm named the fuzzy belief k-NN classification algorithm. The latter applies a data mining technique to automatically extract computer users’ normal behavior from training network traffic data. The outputs of the ensemble feature-selecting classifier and the data mining classifier are then fused together to get the final decision. The experimental results indicate that the hybrid approach effectively generates a more accurate intrusion detection model for detecting both normal usage and malicious activities.
Similar resources
Category-Based Intrusion Detection Using PCA
Existing Intrusion Detection Systems (IDS) examine all the network features to detect intrusion or misuse patterns. In feature-based intrusion detection, some selected features may be found to be redundant, useless or less important than the rest. This paper proposes a category-based selection of effective parameters for intrusion detection using Principal Components Analysis (PCA). In this paper,...
A Novel Intrusion Detection Systems based on Genetic Algorithms-suggested Features by the Means of Different Permutations of Labels’ Orders
Intrusion detection systems (IDS) that exploit machine learning techniques are able to diagnose the behavior of attack traffic. Because of the relatively large number of features in standard IDS benchmark datasets, like KDD CUP 99 and NSL_KDD, feature selection methods play an important role. Optimization algorithms like Genetic algorithms (GA) are capable of finding near-optimum combination of the fe...
Intrusion Detection Using Conditional Random Fields
Intrusion detection systems have become a key component in ensuring the safety of systems and networks. This paper introduces the probabilistic approach called Conditional Random Fields (CRF) for detecting network based intrusions. In this paper, we have shown results for the issue of accuracy using CRFs. It is demonstrated that high attack detection accuracy can be achieved by using Conditiona...
Feature Deduction and Ensemble Design of Parallel Neural Networks for Intrusion Detection System
In this modern age of computer networks, there is an ultimate demand for the development of reliable, extensible, easily manageable and low-maintenance-cost solutions for intrusion detection. We have used the KDD'99 dataset for experimental verification of our proposed approach. With the feature reduction step, it is possible to significantly reduce the number of input features so that the chanc...
Real-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...