Mutual Clustered Redundancy and Composite Learning for Intrusion Detection Systems

Abstract

In the area of cyber space security, intrusion detection is a challenging task which aims at the provision of security from various malicious attacks. Hence, this paper proposes a two-stage hybrid intrusion detection system (IDS) mechanism to identify between normal and attack activities. The proposed mechanism is an integrated form of two simple and effective machine learning algorithms; they are support vector machine (SVM) and composite extreme learning machine (CELM). The first stage aims to distinguish the normal activities from abnormal activities and employed SVM. Next, the second stage employs CELM for the detection of different types of attacks . Further, aiming over training data, a clustering followed by duplicate connections removal and duplicate features removal is accomplished through fuzzy C-means clustering, correlation, and mutual information respectively. The proposed method applied eventually on the standard benchmark dataset NSL-KDD and the real modern UNSW-NB15 dataset. The performance analysis validates through accuracy, false alarm rate and computational time.