Handling Intrusion Detection System using Snort Based Statistical Algorithm and Semi-supervised Approach

摘要

Intrusion detection system aims at analyzing the severity of network in terms of attack or normal one. Due to the advancement in computer field, there are numerous number of threat exploits attack over huge network. Attack rate increases gradually as detection rate increase. The main goal of using data mining within intrusion detection is to reduce the false alarm rate and to improve the detection rate too. Machine learning algorithms accomplishes to solve the detection problem. In this study, first we analyzed the statistical based anomaly methods such as ALAD, LEARAD and PHAD. Then a new approach is proposed for hybrid intrusion detection. Secondly, the advantage of both supervised and unsupervised has been used to develop a semi-supervised method. Our experimental method is done with the help of KDD Cup 99 dataset. The proposed hybrid IDS detects 149 attacks (nearly 83%) out of 180 attacks by training in one week attack free data. Finally, the proposed semi-supervised approach shows 98.88% accuracy and false alarm rate of 0.5533% after training on 2500 data instances.