Efficient host based intrusion detection system using Partial Decision Tree and Correlation feature selection algorithm

System security has become a significant issue in many organizations. Attacks such as DoS, U2R, R2L and Probing pose a serious threat to the proper operation of Internet services as well as host systems. In recent years, intrusion detection systems have been designed to prevent intruders in host as well as network systems. Existing host-based intrusion detection systems detect intrusions using the complete feature set and are not fast enough to detect attacks. To overcome this problem, this paper proposes an efficient HIDS, the Correlation-based Partial Decision Tree algorithm (CPDT). The proposed CPDT combines correlation feature selection for selecting features with a Partial Decision Tree (PART) for classifying normal and abnormal packets. The algorithm was implemented and validated on the KDD'99 dataset and was found to give better results than the existing algorithms. The proposed CPDT model provides an accuracy of 99.9458%.
