Author:
Adhao Rahul, Mahefuj Samadhan, Pachghare Vinod, Khadse Vijay
Abstract
One of the most challenging aspects of a rule-based network intrusion detection system (NIDS) is its high false-positive rate, which makes it unreliable. This research study has developed a new hybrid system based on two-stage intrusion detectors in series to lower the system's high false-positive rate. First, the rule-based system identifies incoming network packets as intrusion packets or normal packets. The trained machine learning model, with a feature reduction technique, assists the classifiers in classifying the incoming packets as intrusion or normal. For the rule-based system, "Snort" is used, and for the second stage, a classification decision tree is used. A Genetic Algorithm (GA) technique is used for feature selection. The final decision about intrusions is based on the predictions of both learning systems. The experimental results show that this approach successfully reduces the false-positive and false-negative rates and increases rule-based NIDS accuracy.
Publisher
Perpetual Innovation Media Pvt. Ltd.
Cited by
1 article.
1. Fault Detection in Steel Surfaces Using Deep Learning Approaches;International Journal of Next-Generation Computing;2023-02-15