Enhancing Performance Using New Hybrid Intrusion Detection System

IF 1.2 Q2 AGRICULTURE, MULTIDISCIPLINARY

International Journal of Sustainable Agricultural Management and Informatics Pub Date : 2022-07-12 DOI:10.51903/jmi.v1i1.134

Candra Supriadi, Charli Sitinjak, Fujiama Diapoldo Silalahi, Nia Dharma Pertiwi, Sigit Umar Anggono

{"title":"Enhancing Performance Using New Hybrid Intrusion Detection System","authors":"Candra Supriadi, Charli Sitinjak, Fujiama Diapoldo Silalahi, Nia Dharma Pertiwi, Sigit Umar Anggono","doi":"10.51903/jmi.v1i1.134","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.","PeriodicalId":37272,"journal":{"name":"International Journal of Sustainable Agricultural Management and Informatics","volume":null,"pages":null},"PeriodicalIF":1.2000,"publicationDate":"2022-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Sustainable Agricultural Management and Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.51903/jmi.v1i1.134","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"AGRICULTURE, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

Abstract

Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.

查看原文本刊更多论文

利用新型混合入侵检测系统提高性能

入侵检测系统(IDS)是针对网络攻击和主机攻击的有效防御，因为它们允许网络/主机管理员检测任何违反策略的行为。然而，对于新的恶意攻击和真正的攻击，传统的IDS是脆弱和不可靠的。在另一种情况下，分析可能性日志等大量数据也是低效的。此外，对于典型的操作系统，存在大量的假阳性和假阴性。为了提高入侵检测的质量和效果，有很多技术可以采用，其中数据挖掘技术就是从大量具有噪声和随机性的数据中挖掘有用信息的重要技术之一。本研究的目的是将三种数据挖掘技术结合起来，以减少入侵检测系统的开销，提高系统的效率。本研究提出了聚类(Hierarchical)与两类(C5, CHAID)相结合的方法。根据KDD'99标准数据集(知识发现和数据挖掘)对所设计的入侵检测系统进行了评估，该标准数据集用于评估入侵检测系统的有效性。建议的系统可以检测入侵并将其分为四类:probe、DoS、U2R (User to Root)和R2L (Remote to Local)。本研究的结果是IDS在准确性和效率方面具有良好的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Sustainable Agricultural Management and Informatics Agricultural and Biological Sciences-Agricultural and Biological Sciences (all)

CiteScore

2.30

自引率

50.00%

发文量