Modelling of intelligent intrusion detection system: making a case for snort

Abstract

Intrusion Detection System (IDS) is a dynamic network security defense technology that can help to provide realtime detection of internal and external attacks on a computer network and alerting the administration for necessary action. However, the inconsistent nature of networks has resulted in a high number of false positives which makes many network administrators thought IDS to be unreliable for today’s network security system. Nowadays, hackers and attackers have created many new viruses and malware to invade one’s computer network system. Hence, this study proposes a method for early detection of an intrusion by using Snort software. The data collected was used to train the Multilayer Feedforward Neural Network (MLFNN) with Back-propagation (BP) algorithm. This MLFNN with BP algorithm was simulated using MATLAB software. The performance of this classifier was evaluated based on three parameters: accuracy, sensitivity, and False Positive Rate (FPR). Preprocessing was done to classify the output data into normal and attack. Performance evaluation was done using confusion matrix on the data. The results showed that network-based intrusion detection system could be employed for early detection of intrusion due to the excellent performance recorded which were 94.92% of accuracy, 97.97% for sensitivity, and 0.69% for FPR.