{"title":"A Hybrid Behavioural Based Cyber Intrusion Detection System","authors":"Alemtsehay Adhanom, H. M. Melaku","doi":"10.1504/IJCNDS.2019.10020192","DOIUrl":null,"url":null,"abstract":"The experience of deploying intrusion detection system (IDS) for securing computer system is being matured. There are knowledge-based (misuse) and anomaly IDS. In knowledge-based IDS, prior knowledge of the attack is needed for detection and during anomaly, behaviour of normal data is studied, when new data is arrived and there is a deviation, it is considered as an attack. In this thesis, we present a hybrid intrusion detection system called behavioural-based cyber intrusion detection system, based on two data mining algorithms, decision tree and association rule mining. The decision tree algorithm is used to detect misuse intrusions but it considers new attacks as normal. Association rule mining works by using the normal output of decision tree as input for further detection. Further, we implement the proposed model using java programming language. We have used a reduced and enhanced non-redundant NSL_KDD dataset for training and testing. 
Evaluation results show that it provides improved detection rate and lower false alarm rates.","PeriodicalId":45170,"journal":{"name":"International Journal of Communication Networks and Distributed Systems","volume":null,"pages":null},"PeriodicalIF":1.0000,"publicationDate":"2019-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Communication Networks and Distributed Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJCNDS.2019.10020192","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citations: 1
Abstract
Experience in deploying intrusion detection systems (IDS) to secure computer systems is maturing. There are knowledge-based (misuse) and anomaly IDSs. In knowledge-based IDS, prior knowledge of the attack is needed for detection; in anomaly IDS, the behaviour of normal data is studied, and when new data arrives and deviates from it, that data is considered an attack. In this thesis, we present a hybrid intrusion detection system called the behavioural-based cyber intrusion detection system, based on two data mining algorithms: decision tree and association rule mining. The decision tree algorithm is used to detect misuse intrusions, but it considers new attacks as normal. Association rule mining works by using the normal output of the decision tree as input for further detection. Further, we implement the proposed model using the Java programming language. We have used a reduced and enhanced non-redundant NSL_KDD dataset for training and testing. Evaluation results show that it provides an improved detection rate and lower false alarm rates.
About the journal:
IJCNDS aims to improve the state-of-the-art of worldwide research in communication networks and distributed systems and to address the various methodologies, tools, techniques, algorithms and results. It is not limited to networking issues in telecommunications; network problems in other application domains such as biological networks, social networks, and chemical networks will also be considered. This feature helps in promoting interdisciplinary research in these areas.