Intrusion Detection System with Multi Layer using Bayesian Networks

Abstract

the era of network security, intrusion detection system plays a vital to detect real - time intrusions, and to execute work to stop the attack. Being everything shifting to internet, security became the foremost preference. In real world, the minority attacks R2L (Remote-To-User) and U2R (User-To- Root) are more hazardous than Probe and DoS (Denial-Of- Service) majority attacks. Present IDS are not much efficient to detect these low level attacks. Therefore, it is extremely important to improve the detection performance for the R2L and U2R attacks with the majority attacks. In this paper hierarchical layered approach for improving detection rate of minority attacks as well as majority attacks is propound. The propound model used Naive bayes classifier with K2 learning process on reduced NSL KDD dataset for each attack class. In this method every layer is individually trained to detect a single type of attack category and the outcome of one layer is passed into another layer to increase the detection rate and for better categorization of both the majority and minority attacks. Intrusion detection system (IDS), Network security, Feature selection, naive bayes classifier, R2U, U2R, DoS 1. INTRODUCTIONNetwork Security Can be defined as It is the set of guidelines adopted by a Network administrator to prevent the unauthorized access, modification and misuse of the network traffic by attackers.ID (Intrusion Detection) techniques are used to strength security and increase resistance to internal and external attacks. With the Increase in Technology the chance of malware and Intrusions get increase. The firewalls do not provide much security. In order to inspect network traffic many corporation are using proactive and reactive both types of IDS system. The goal of the intrusion detection system is to monitor and control the network traffic to prevent the numerous types of intrusion attempt. When an intrusion detection system is deployed, it provides warning to the users indicating that system is under attack. These warnings can help users to prevent the attack by increasing resistance to attack.