Abstract

The widespread acceptance and growth of the Internet and mobile technologies have revolutionized our existence. On the other hand, the world is witnessing and suffering from technologically aided crime methods. These threats, including but not limited to hacking and intrusions, are the main concern for security experts. Nevertheless, the challenges facing effective intrusion detection methods remain closely associated with researchers' interests. This paper's main contribution is to present a host-based intrusion detection system using a C4.5-based detector on top of the popular Consolidated Tree Construction (CTC) algorithm, which works efficiently in the presence of class-imbalanced data. An improved version of the random sampling mechanism, called Supervised Relative Random Sampling (SRRS), has been proposed to generate a balanced sample from a highly class-imbalanced dataset at the detector's pre-processing stage. Moreover, an improved multi-class feature selection mechanism has been designed and developed as a filter component to generate the ideal features of the IDS datasets for efficient intrusion detection. The proposed IDS has been validated against state-of-the-art intrusion detection systems. The results show an accuracy of 99.96% and 99.95% on the NSL-KDD dataset and the CICIDS2017 dataset using 34 features.

Highlights

  • Due to the extensive proliferation of network and communication devices in data-centric environments, managing security has become an utmost challenge for security experts. The challenge is the evolution of new network threats that sneak into computing environments to compromise security policies and privacy, and even lock down the system indefinitely

  • When the proposed Intrusion Detection System (IDS) model is validated on the NSL-KDD dataset separately using the feature subset (20 features) and all the ranked features generated by Infinite Feature Selection for Multiclass Classification (IIFS-MC), the model shows a decent detection output

  • The performance of the proposed model combining CTC, IIFS, and Supervised Relative Random Sampling (SRRS) is outlined in Table 20, and detection output has been depicted in Figures 2 and 3


Summary

Introduction

Due to the extensive proliferation of network and communication devices in data-centric environments, managing security has become an utmost challenge for security experts. The challenge is the evolution of new network threats that sneak into computing environments to compromise security policies and privacy, and even lock down the system indefinitely. An Intrusion Detection System (IDS) plays a crucial role in countering incoming network threats before they start their harmful behavior. Intrusion detection consists of identifying the malevolent activities in a host, which eventually propagate to the other hosts over the network. The harmful behavior of these activities becomes visible once they start affecting the target hosts. The objective of an IDS is to analyze, detect and report malicious activities in a host or network [1]. An IDS employs anomaly-based detection [2,3], signature-based detection [4,5,6], or a combination of both [7,8].
