Study of Tree Base Data Mining Algorithms for Network Intrusion Detection
Author
Abstract
Internet use has grown rapidly, and with it the number of network attacks has increased. This emphasizes the importance of network intrusion detection systems (IDS) for securing the network. Intrusion detection is the process of monitoring and analyzing network traffic to detect security violations. Many researchers have suggested data mining techniques such as classification, clustering, pattern matching and rule induction for developing an effective intrusion detection system. To detect intrusions, network traffic can be classified as normal or anomalous. In this paper we evaluate the tree-based classification algorithms J48, Hoeffding tree, Random Forest, Random Tree and REPTree. These algorithms are compared on their performance metrics using 10-fold cross-validation and the KDDCUP test dataset. The study shows that Random Forest and J48 are the most suitable tree-based algorithms.

Keywords: Classification; Data Mining; Intrusion Detection; KDD CUP dataset; Network Security; IDS; J48; Hoeffding tree; Random Forest; Random Tree; REPTree; WEKA
Similar resources
Anomaly Base Network Intrusion Detection by Using Random Decision Tree and Random Projection: A Fast Network Intrusion Detection Technique
Network Intrusion Detection Systems (NIDSs) have become an important component in network security infrastructure. Currently, many NIDSs are rule-based systems whose performances highly depend on their rule sets. Unfortunately, due to the huge volume of network traffic, coding the rules by security experts becomes difficult and time-consuming. Since data mining techniques can build network intr...
Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
Securing Cluster-heads in Wireless Sensor Networks by a Hybrid Intrusion Detection System Based on Data Mining
Cluster-based Wireless Sensor Network (CWSN) is a kind of WSN that, by avoiding long-distance communications, preserves the energy of nodes and so is attractive for related applications. The criticality of most applications of WSNs and also their unattended nature make sensor nodes often susceptible to many types of attacks. Based on this fact, it is clear that cluster heads (CHs) are ...
Intrusion Detection and Classification Using Improved ID3 Algorithm of Data Mining
Intrusion detection technology has a lot of problems, such as low performance, low intelligence level, high false alarm rate, high false negative rate and so on. There is a need to develop a robust decision tree in order to produce effective decision rules from the attacked data. In this paper, the ID3 decision tree classification method is used to build an effective decision tree for intrusio...
Anomaly Detection Using SVM as Classifier and Decision Tree for Optimizing Feature Vectors
With the advancement and development of computer network technologies, the way for intruders has become smoother; therefore, to detect threats and attacks, the importance of intrusion detection systems (IDS) as one of the key elements of security is increasing. One of the challenges of intrusion detection systems is managing the large number of network traffic features. Removing un...