DocumentCode
2733664
Title
An Intelligent and Expert Mining Intrusion Detection and Response System
Author
Hooper, Emmanuel
Author_Institution
Inf. Security Group, Univ. of London, Egham
fYear
2006
fDate
6-6 Dec. 2006
Firstpage
187
Lastpage
192
Abstract
Intelligent intrusion detection strategies that reduce false positives and increase detection within critical segments of network infrastructures are a major challenge. Current strategies focus on either detection or response, but often lack a combined detection and response strategy. This novel approach combines detection and response strategies, involving both real-time analysis and effective statistical analysis of attack and normal traffic. The novel strategy involves a hybrid statistical approach combining Bayesian and discriminant analysis classification. This comprises discriminant analysis of the normal and attack traffic after using Bayes' theorem to evaluate the training data. The results of the statistical analysis are fed into the IDS to reduce misclassification of false positives and to distinguish between attacks and false positives in the IDS alert monitor. These intelligent strategies enhance the capability of the IDS to detect and respond to threats and benign traffic in critical segments of network, application and database infrastructures.
Keywords
Bayes methods; data mining; expert systems; pattern classification; security of data; statistical analysis; telecommunication traffic; Bayes theorem; Bayesian analysis; IDS alert monitor; attack traffic; database infrastructures; discriminant analysis classification; expert mining intrusion detection; hybrid statistical approach; intelligent intrusion; network critical segments; network infrastructures; normal traffic; real-time analysis; statistical analysis; training data; Bayesian methods; Classification tree analysis; Computer hacking; Data analysis; Deductive databases; Intelligent networks; Intrusion detection; Monitoring; Statistical analysis; Telecommunication traffic
fLanguage
English
Publisher
ieee
Conference_Titel
Digital Information Management, 2006 1st International Conference on
Conference_Location
Bangalore
Print_ISBN
1-4244-0682-X
Type
conf
DOI
10.1109/ICDIM.2007.369351
Filename
4221888