Journal of Cyber Security Technology

Ensemble-based semi-supervised learning approach for a distributed intrusion detection system


Abstract

Intrusion is a growing concern today. With new technologies emerging each day and the widespread use of computers, security has become a very important issue. Attacks such as ransomware, Distributed Denial of Service, User to Root and Remote Login have become a big threat to every computer in the network. Such attacks compromise the security of the computer and obtain access to sensitive data. Hence, the security of any network is a high-priority issue that must be addressed. Various Intrusion Detection Systems (IDS) exist that help to identify threats in the system, but only an intelligent system will identify them correctly with maximum accuracy. An IDS is a machine or software that monitors the traffic in a network and, on detecting a malicious packet, informs the user so that further action can be taken and the malicious packet is prevented from entering the network. In this paper, an intelligent IDS is presented that classifies traffic in a network as normal or as abnormal (attack) traffic. Feature selection is based on the Gini index and a variable importance measure. The classifiers used are Random Forest, Support Vector Machine, Artificial Neural Network, Decision Tree and K Nearest Neighbor. The proposed hybrid IDS selects data using the feature selection technique and then classifies it with the individual classifiers. Ensembling is used to combine the outputs of the multiple classifiers into a final class for each packet in the network, anomaly or normal. All classifiers work in a distributed network, where every attack detected as an anomaly is converted into a signature to reduce future attacks. The dataset used for training is the NSL-KDD dataset. The ensembling technique increases detection accuracy by 10%, reduces the false positive rate to 0.05, and improves system performance in terms of execution time with a higher true positive rate. Results are tested in a real-time environment, with training on the NSL-KDD dataset.
