DocumentCode :
1997526
Title :
A hybrid system for reducing the false alarm rate of anomaly intrusion detection system
Author :
Om, Hari ; Kundu, Aritra
Author_Institution :
Dept. of Comput. Sci. & Eng., Indian Sch. of Mines, Dhanbad, India
fYear :
2012
fDate :
15-17 March 2012
Firstpage :
131
Lastpage :
136
Abstract :
In this paper, we propose a hybrid intrusion detection system that combines k-Means and two classifiers, K-nearest neighbor and Naïve Bayes, for anomaly detection. It consists of selecting features using an entropy based feature selection algorithm which selects the important attributes and removes the irredundant attributes. This algorithm operates on the KDD-99 Data set; this data set is used worldwide for evaluating the performance of different intrusion detection systems. The next step is a clustering phase using k-Means. We have used the KDD99 (Knowledge Discovery and Data Mining) intrusion detection contest. This system can detect the intrusions and further classify them into four categories: Denial of Service (DoS), U2R (User to Root), R2L (Remote to Local), and probe. The main goal is to reduce the false alarm rate of IDS.
Keywords :
data mining; pattern classification; pattern clustering; performance evaluation; security of data; Denial of Service; K-nearest neighbor; K-nearest neighbor classifiers; KDD-99 data set; KDD99 intrusion detection contest; Naive Bayes classifiers; R2L; Remote to Local; U2R; User to Root; anomaly intrusion detection system; entropy based feature selection algorithm; false alarm rate reduction; hybrid intrusion detection system; irredundant attributes; k-mean clustering; knowledge discovery and data mining; performance evaluation; Accuracy; Classification algorithms; Clustering algorithms; Data mining; Intrusion detection; Probes; Training; Classification; Clustering; KDD Cup 99 Data set; Naïve Bayes; detection rate; false alarm rate; intrusion detection; k-Means;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Recent Advances in Information Technology (RAIT), 2012 1st International Conference on
Conference_Location :
Dhanbad
Print_ISBN :
978-1-4577-0694-3
Type :
conf
DOI :
10.1109/RAIT.2012.6194493
Filename :
6194493