An analysis of random forest algorithm based network intrusion detection system

Y. Y. Aung, M. Min
Published in: 2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)
Publication date: 2017-06-01
DOI: 10.1109/SNPD.2017.8022711 (https://doi.org/10.1109/SNPD.2017.8022711)
Citations: 31

Abstract

In the world today, the security of computer systems is of great importance, and in the last few years the number of intrusions has grown so much that intrusion detection has become a dominant concern of current information security. Firewalls cannot provide complete protection. Relying on a firewall system alone is not enough to protect a corporate network from all types of network attacks. Therefore, such a system should be complemented by an intrusion detection system. Data mining techniques can be used as an effective approach to detecting intrusions in an intrusion detection system. Data Mining and Knowledge Discovery is the computerized process of digging through and analyzing huge amounts of data and then extracting the meaning of the data. Data mining tools can help predict future behaviors and trends, so that organizations can proactively make decisions based on knowledge. Data mining can answer organizational questions that traditionally were too time-consuming to solve. Data mining takes its name from the search for valuable information in a large database. Recent studies show that cascading approaches combining several algorithms perform much better than an individual algorithm. In this research, we use the K-means and Random Forest algorithms to classify instances. The model was verified using the KDD'99 data set. Experimental results show that hybrid methods can provide suitable detection rates and lower model training time than using a single algorithm.