Abstract
Anomaly based Intrusion Detection System (IDS) identifies intrusion by training itself to recognize acceptable behavior of the network. It then raises an alarm whenever any anomalous network behaviors outside the boundaries of its training sets are observed. However, anomaly based IDS are usually prone to high false positive rate due to difficulties involved in defining normal and abnormal network traffic patterns. In this paper, we employ two different statistical methods viz. Linear Discriminant Analysis (LDA) and Logistic Regression (LR) to develop new anomaly based IDS models. We then evaluate the performance of these IDS models on the benchmark NSL-KDD data set and analyze their performance against other IDS models based on Naive Bayes, C4.5 and Support Vector Machine (SVM). Experimental results show that the performance (Accuracy and Detection Rate) of both the LDA and the LR based models are at par and in some cases even better than other IDS models. Moreover, unlike the IDS model based on complex method like the SVM, the proposed LDA and LR based IDS models are computationally more efficient, which makes them more suited for deployment in real time network monitoring and intrusion detection analysis.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
