A new adaptive intrusion detection system based on the intersection of two different classifiers

Nowadays, the intrusion detection system (IDS) has become one of the most important weapons against cyber-attacks. A simple single-level IDS cannot detect both attack types and normal behaviour with a high detection rate. To overcome this limit, we propose a new approach for intrusion detection. The idea of this paper is to use two different classifiers iteratively, where each iteration represents one level in the built model. To ensure the adaptation of our model, we add a new level whenever the sum of new attacks and the rest of the training dataset reaches the threshold. To build our model, we have used the Fuzzy Unordered Rule Induction Algorithm and Random Forests as classifiers. The experiment on the KDD99 dataset shows the high performance of our model, demonstrating its ability to detect low-frequency attacks without losing its high performance in the detection of frequent attacks and normal behaviour. Furthermore, our model gives the highest detection rate and the highest accuracy compared with some well-known models in the literature related to intrusion detection.
