{"title":"A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA","authors":"Gaurav Meena, R. Choudhary","doi":"10.1109/COMPTELIX.2017.8004032","DOIUrl":null,"url":null,"abstract":"In the Area of Security, Intrusion Detection System (IDS) form an individual trailing and plays an essential role in information Security. As the usability of the internet among the users in a wide area is increasing day by day so as the importance of security and to keep the system aware of the malicious activities is also increasing. It has the following limitations on low detection rate, high false alarm rate and so on which is been indicated by the traditional Intrusion Detection System. A performance of the classifier is based on the necessity of the terms of its effectiveness, and it is also concerned with the number of features to be examined by the IDS should be improved. In this, J48 is been performed on the hybrid IDS and is applied using J48 Decision Tree algorithm, J48 Decision Tree is used for the feature selection and Naive Bayes Algorithm. Basically Intrusion detection systems (IDSs) is been used on the basis of two fundamental approaches first the recognition of anomalous activities as it generally occurs on the turns from usual or unusual behavior and second misuse detection by observing unauthorized “signatures” of those recognized malicious assaults and classification vulnerabilities. Anomaly or the anonymous (behavior-based) IDSs presume the difference of normal behavior beneath attacks and achieve abnormal activities evaluated and recognized with predefined system or user behavior reference model. The main focus of this survey is on WEKA (Waikato Environment for Knowledge Analysis) Tool and its various algorithms of classification used for detecting and analyzing the various intrusions. 
Lastly, In this survey, we lead to elaborate the mostly used dataset in information security research KDDCUP and NSL KDD and its various components.","PeriodicalId":6917,"journal":{"name":"2017 International Conference on Computer, Communications and Electronics (Comptelix)","volume":"26 1","pages":"553-558"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"75","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Computer, Communications and Electronics (Comptelix)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPTELIX.2017.8004032","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 75
Abstract
In the area of security, the Intrusion Detection System (IDS) forms an individual trailing and plays an essential role in information security. As Internet use among users over a wide area increases day by day, so does the importance of security and of keeping the system aware of malicious activities. The traditional Intrusion Detection System shows limitations such as a low detection rate, a high false alarm rate and so on. The performance of the classifier is judged in terms of its effectiveness, and the number of features to be examined by the IDS is also a concern that should be improved. In this work, J48 is performed on the hybrid IDS, which is applied using the J48 Decision Tree algorithm; the J48 Decision Tree is used for feature selection, together with the Naive Bayes algorithm. Intrusion detection systems (IDSs) are basically used on the basis of two fundamental approaches: first, the recognition of anomalous activities, which generally occur as turns from usual to unusual behavior; and second, misuse detection, which observes the unauthorized “signatures” of recognized malicious assaults and classification vulnerabilities. Anomaly, or anonymous (behavior-based), IDSs presume that behavior under attack differs from normal behavior, and recognize abnormal activities by evaluating them against a predefined system or user behavior reference model. The main focus of this survey is on the WEKA (Waikato Environment for Knowledge Analysis) tool and its various classification algorithms used for detecting and analyzing intrusions. Lastly, this survey elaborates on the datasets most used in information security research, KDDCUP and NSL KDD, and their various components.