DocumentCode :
2302927
Title :
Evaluation effectiveness of hybrid IDS using Snort with Naïve Bayes to detect attacks
Author :
Hussein, Safwan Mawlood ; Ali, Fakariah Hani Mohd ; Kasiran, Zolidah
Author_Institution :
Fac. of Comput. Sci., Soran Univ., Arbil, Iraq
fYear :
2012
fDate :
16-18 May 2012
Firstpage :
256
Lastpage :
260
Abstract :
The enormous number of attacks over the Internet nowadays puts information at risk of violation. An Intrusion Detection System (IDS) is used as a second line of defense to observe suspicious actions going on in computers or network devices. IDSs have two approaches; by using only one of the approaches, only one of the misuse or anomaly attacks can be detected. This research proposed a hybrid IDS that integrates signature-based detection (Snort) with anomaly-based detection (Naïve Bayes) to enhance system security in detecting attacks. This research used the Knowledge Discovery Data Mining (KDD) CUP 99 dataset and the Waikato Environment for Knowledge Analysis (WEKA) program for testing the proposed hybrid IDS. Accuracy, detection rate, time to build the model and false alarm rate were used as parameters to evaluate performance between hybrid Snort with Naïve Bayes, Snort with J48graft and Snort with Bayes Net. The results show good performance of the hybrid Snort with Naïve Bayes algorithm.
Keywords :
Internet; alarm systems; data mining; security of data; Internet; J48graft; KDD CUP 99 dataset; Naive Bayes algorithm; WEKA; Waikato environment for knowledge analysis; anomaly attacks; attack detection; false alarm rate; hybrid IDS evaluation effectiveness; integrated signature; intrusion detection system; knowledge discovery data mining; snort; Accuracy; Algorithm design and analysis; Classification algorithms; Computers; Data mining; Intrusion detection; Intrusion Detection Systems; anomaly based detection; hybrid; naïve bayes; signature based detection; snort;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Digital Information and Communication Technology and it's Applications (DICTAP), 2012 Second International Conference on
Conference_Location :
Bangkok
Print_ISBN :
978-1-4673-0733-8
Type :
conf
DOI :
10.1109/DICTAP.2012.6215386
Filename :
6215386