Keywords: attack, intrusion detection, KDDCUP99, K-nearest neighbor, randomizable filter
Intrusion detection is the process of monitoring the events occurring in a computer network and analyzing them for signs of intrusion. In recent years, the Internet has become a necessity in many people's lives, and accordingly many studies have been done on security in virtual environments. The earliest techniques, such as authentication, firewalls and encryption, could not provide complete Internet security. The motivation to create new solution approaches and a defense system in the cyber environment led to the introduction of numerous intrusion detection systems (IDS) based on different algorithms. Results have shown that machine learning and knowledge discovery techniques are very effective and increase the accuracy of anomaly detection on real-time computer networks. Therefore, this study presents an ensemble of randomizable filtered and K-Nearest Neighbor (KNN) classifiers for selecting features in order to enhance network intrusion detection and increase the accuracy of anomaly detection in a real-time computer network. Data preprocessing and analysis are undertaken using the KDDCup99 dataset and a filter, such that the best features are selected and irrelevant, redundant and noisy data are removed. The selected features are passed as input to the base classifier for classification and optimization. The base classifier, KNN, is employed to increase the amount of learning and the efficiency of classification, thereby increasing the authenticity of intrusion detection. The experimental results obtained reveal that the proposed algorithm is very promising for accurately detecting anomalies on a computer network.
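The filter-then-KNN pipeline described in the abstract, as an added example that is not the authors' implementation. The class-separation filter score, the min-max scaling, the function names and the sample records (constructed, using KDD Cup 99 feature names) are all assumptions; the abstract does not specify the filter's scoring.

```python
import math
from collections import Counter

# Constructed KDD Cup 99-style records (not rows from the real dataset).
FEATURES = ["duration", "src_bytes", "count", "serror_rate", "num_outbound_cmds"]
TRAIN = [
    ([0, 215, 2, 0.0, 0], "normal"), ([1, 330, 4, 0.0, 0], "normal"),
    ([0, 181, 3, 0.05, 0], "normal"), ([2, 260, 5, 0.0, 0], "normal"),
    ([0, 0, 250, 1.0, 0], "attack"), ([0, 0, 290, 0.98, 0], "attack"),
    ([1, 0, 240, 1.0, 0], "attack"), ([0, 0, 270, 0.95, 0], "attack"),
]

def fit_scaler(rows):
    """Per-feature (min, max) learned from the training rows only."""
    return [(min(c), max(c)) for c in zip(*rows)]

def scale(row, bounds):
    # Min-max scaling; constant columns map to 0.0 so they add nothing to distance.
    return [(v - lo) / (hi - lo) if hi > lo else 0.0 for v, (lo, hi) in zip(row, bounds)]

def filter_scores(rows, labels):
    """Assumed filter: |attack mean - normal mean| / overall std, per feature."""
    scores = []
    for col in zip(*rows):
        atk = [v for v, y in zip(col, labels) if y == "attack"]
        nor = [v for v, y in zip(col, labels) if y == "normal"]
        mean = sum(col) / len(col)
        std = math.sqrt(sum((v - mean) ** 2 for v in col) / len(col))
        gap = abs(sum(atk) / len(atk) - sum(nor) / len(nor))
        scores.append(gap / std if std else 0.0)  # constant feature scores 0
    return scores

def select_features(rows, labels, k):
    """Indices of the k highest-scoring features, in original column order."""
    scores = filter_scores(rows, labels)
    return sorted(sorted(range(len(scores)), key=lambda i: -scores[i])[:k])

def knn_predict(train_rows, labels, query, k=3):
    """Majority vote among the k nearest training rows (Euclidean distance)."""
    nearest = sorted((math.dist(r, query), y) for r, y in zip(train_rows, labels))
    return Counter(y for _, y in nearest[:k]).most_common(1)[0][0]

def train_and_classify(query, n_features=3, k=3):
    raw, labels = [r for r, _ in TRAIN], [y for _, y in TRAIN]
    bounds = fit_scaler(raw)
    scaled = [scale(r, bounds) for r in raw]
    keep = select_features(scaled, labels, n_features)
    train = [[r[i] for i in keep] for r in scaled]
    q = scale(query, bounds)
    pred = knn_predict(train, labels, [q[i] for i in keep], k)
    return [FEATURES[i] for i in keep], pred
```

The filter runs on scaled training data only, so the query record never influences which features are kept.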