Abstract
Intrusion Detection System (IDS) plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in the computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional statistical and data mining approaches. Data mining techniques in IDS observed to provide significant results. Data mining approaches for misuse and anomaly-based intrusion detection generally include supervised, unsupervised and outlier approaches. It is important that the efficiency and potential of IDS be updated based on the criteria of new attacks. This study proposes a novel Adaptive Hybrid Multi-level Intelligent IDS (AHMIIDS) system which is the combined version of anomaly and misuse detection techniques. The anomaly detection is based on Bayesian Networks and then the misuse detection is performed using Adaptive Neuro Fuzzy Inference System (ANFIS). The outputs of both anomaly detection and misuse detection modules are applied to Decision Table Majority (DTM) to perform the final decision making. A rule-base approach is used in this system. It is observed from the results that the proposed AHMIIDS performs better than other conventional hybrid IDS.
Highlights
Due to rapid development of network-based services and responsive information on the networks, the number and the sternness of network-based computer attacks have been increased considerably
This group will have the information about the prior probabilities of each root nodes and conditional probabilities of all non root nodes given with all promising group of their direct predecessors. This BN are a Directed Acyclic Graph, (DAG) which consist of arcs for denoting the causal dependence among the parent and child permit the storage of the proofs when the values are recognized about some variables and if the proof is identified it provides a computational arrangement for finding the conditional values of the remaining random variables
Because the rules in the anomaly detection model are defined by experts, cannot verify its performance through the simulation
Summary
Due to rapid development of network-based services and responsive information on the networks, the number and the sternness of network-based computer attacks have been increased considerably. Even though an extensive range of security expertise such as information encryption, access control and intrusion prevention can shield their network based systems, there are still a lot of undetected intrusions are presented. Several traditional protection approaches like user authentication, data encryption, keep away from programming errors and firewalls are used as the initial line of protection for computer security. The firewalls are vulnerable to errors in pattern and expect to indistinct or indeterminate security policies (Summers, 1997). The system became complex due to the un-avoidance of the programming errors the application software is developing fast leaving at the back of some vulnerable weaknesses. Computer systems are possible to stay unsecured for the predictable future
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Research Journal of Applied Sciences, Engineering and Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.