A Hybrid Model for Anomaly-Based Intrusion Detection System

Anomaly-based systems have become critical to the field of information technology. Over the last few years, the evolution of anomaly-based intrusion detection systems (IDSs), the improvement of detection accuracy, and the preprocessing of training data have become especially important to researchers in this field. In previous years, much has been discussed about the problems of using anomaly-based and hybrid IDSs. The anomaly-based approach is comparatively more efficient than the signature-based approach against novel attacks on a computer network. However, in some cases a signature-based system identifies attacks more quickly than an anomaly-based system. In this work, the authors apply preprocessing to KDD 99 and collect a dataset using information gain. The authors name the collected dataset NUM15, as some of the features and the redundant data are beside the point, which affects the processing time and performance of the IDS. After that, naive Bayes and Snort are used to classify the compression results and to train the machine in a parallel model. This hybrid model combines anomaly and signature detection to detect network anomalies. The results show that the proposed hybrid model can increase accuracy and can detect novel intrusions.
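An added illustration (not the authors' code) of the pipeline the abstract outlines: information-gain feature ranking, a naive Bayes classifier over the selected features, and a signature check run alongside it. The records are constructed KDD 99-style samples, the signature rule is a hypothetical stand-in for Snort, and raising an alert when either detector fires is an assumption about how the parallel verdicts are combined.

```python
import math
from collections import Counter, defaultdict

# Constructed KDD 99-style records (not real data); the last column is the label.
FEATURES = ["protocol_type", "service", "flag", "land"]
ROWS = [
    ("tcp", "http", "SF", "0", "normal"), ("tcp", "http", "SF", "0", "normal"),
    ("udp", "domain_u", "SF", "0", "normal"), ("tcp", "smtp", "SF", "0", "normal"),
    ("tcp", "private", "S0", "0", "attack"), ("tcp", "private", "S0", "0", "attack"),
    ("tcp", "http", "S0", "0", "attack"), ("icmp", "ecr_i", "SF", "0", "attack"),
]

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def information_gain(rows, idx):
    # IG = H(label) - sum over values v of P(v) * H(label | feature = v)
    groups = defaultdict(list)
    for r in rows:
        groups[r[idx]].append(r[-1])
    cond = sum(len(g) / len(rows) * entropy(g) for g in groups.values())
    return entropy([r[-1] for r in rows]) - cond

def select_features(rows, k):
    # Indices of the k features with the highest information gain.
    return sorted(range(len(FEATURES)), key=lambda i: -information_gain(rows, i))[:k]

def nb_predict(rows, idxs, rec):
    # Categorical naive Bayes over the selected features, Laplace-smoothed.
    classes = Counter(r[-1] for r in rows)
    def score(c):
        s = math.log(classes[c] / len(rows))
        for i in idxs:
            hits = sum(1 for r in rows if r[-1] == c and r[i] == rec[i])
            s += math.log((hits + 1) / (classes[c] + len({r[i] for r in rows}) + 1))
        return s
    return max(classes, key=score)

def signature_match(rec):
    # Hypothetical stand-in for the signature engine (not Snort rule syntax):
    # flags records whose "land" field is set.
    return rec[3] == "1"

def hybrid_verdict(rows, idxs, rec):
    # Assumption: both detectors see every record and either can raise the alert.
    return "attack" if signature_match(rec) or nb_predict(rows, idxs, rec) == "attack" else "normal"
```

In this sample the `land` column is constant, so information gain ranks it last and the classifier never sees it; a record with `land` set is still flagged through the signature path.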
