RAkEL Algorithm and Mahalanobis Distance-Based Intrusion Detection System Against Network Intrusions

Abstract

With a quick increment in the volume of information in everyday life, there is dependably a requirement for an intrusion detection framework which distinguishes and identifies the attacks at a quicker pace. Any action which abuses the approach of the security premises is characterized as an intrusion. Intrusion detection system (IDS) is an hardware that cocurrences with intrusions produced by an alternate host network frameworks and system sources, then looking at the sign of security issues. IDS is also used to recognize unapproved usage of PC, which ought to interface the gaps in against antivirus and firewall. A general issue in the current IDS is the high false-positives and low-detection rate. This chapter talks about the essential intrusion detection procedures by means of live capturing of network packets. The proposed system uses Mahalanobis distance methodology in best attribute selection and exhaustive search feature selection methods for feature ranking and removal of features for choosing the superlative possible combinations of features from the feature set obtained from the network packets. The RAndom k-labELsets (RAkEL) multi-label ensemble learning algorithm in combination with machine learning algorithms, like J48, support vector machine (SVM) and Naive Bayes (NB), are utilized to build up the proposed IDS by classifying different network intrusions with higher detection rate and lower false-positive rate.