A Data Mining Approach for Intrusion Detection in a Computer Network

Abstract

As activities being done on the internet keep expanding every day due to the fact that we are in the era of the information age, securing sensitive and crucial data on computer networks against malicious attacks tends to be a challenging issue. Designing effective Intrusion Detection Systems (IDSs) with maximized accuracy and low rate of false alarms is an imperative need in the world of cyber-attacks. This work was designed to employ an ensemble data mining technique for improving IDSs by carrying out some experiments using the KDD 99 intrusion dataset. Dataset was fragmented into five, representing the major categories of attacks: Normal, DOS (Denial of Service), Probing (Information gathering), R2L (Remote to Local) and U2R (User to Root). An ensemble classifier using the Stacking method with the Naïve Bayes and Multilayer perceptron algorithms as the base classifiers and J48 as the meta learner was developed. The base classifiers were also employed on the dataset individually, and performance comparison was done between individual classifiers and the ensemble classifier. A 10-fold cross validation for training and testing of data and Gain ratio technique for filtering of the dataset was adopted. Ensemble classifier maximized accuracy the most and helped in reduction of false positives of the U2R attack type.