Abstract

Network Intrusion Detection and Prevention Systems (NIDPS) ensure network security and are used to detect various attacks effectively and to stop them completely from intruding on a network. Since securing the sensitive information carried by various organizations is much more significant, developing enhanced security models becomes inevitable in order to meet the growing demand for safeguarding the network from various known and unknown attacks. In this paper, a Hybrid Particle Swarm Optimization and C4.5 (HPSOCM) method is proposed for a network-based intrusion prevention system to detect unknown attacks, together with a signature-based SNORT method to detect the known attacks in NIDS. In the hybrid method, we use a data mining approach to mine the unknown attacks. Hence, we develop an anomaly detection model and train it using the data mining rules. The trained network is capable of detecting various unknown attacks. The conventional signature-based SNORT method detects the known attacks by matching the detected threats from the KDD99 dataset. The proposed HPSOCM method is demonstrated using simulation, and its performance was evaluated in terms of Accuracy, Specificity, Detection Rate and False Alarm Rate. The proposed method produced better efficiency compared to various other existing methods.
