DocumentCode :
568716
Title :
Signature-based IDS using Boolean Weighted Score multiple classifiers
Author :
Saelee, Pornruthai ; Viriyaphol, Piboonlit
Author_Institution :
Dept. of Telecommun. Sci., Assumption Univ., Thailand
Volume :
2
fYear :
2012
fDate :
12-14 June 2012
Firstpage :
706
Lastpage :
711
Abstract :
This paper presents a framework for a signature-based intrusion detection system using Boolean Weighted Score for multiple classifiers. In the proposed framework, there are two modules: the data preprocessing module and the classifier module. The data preprocessing module prepares and adjusts the raw data in order to feed it into the classification algorithms. In the classifier module, multiple classifiers are used depending on the number of attack types. Additionally, the Boolean weighted score method is applied to each classifier to improve performance and accuracy. The weighted score is assigned to an instance and content from the dataset by computing a linear combination of attribute scores where each attribute contributes a Boolean value. Then, it is combined with the probability of an attack of attribute learning by the training model. This score is then used to evaluate whether it is an attack or not. The study was based on available network traffic datasets (KDD'99 dataset and WiSNet dataset). According to the experimental results, using the multi-classifiers and the Boolean weighted scoring can better detect the attack instances than the single classifier does.
Keywords :
Boolean algebra; digital signatures; learning (artificial intelligence); pattern classification; probability; Boolean value; Boolean weighted score method; KDD99 dataset; WiSNet dataset; attack detection; attack type; attribute learning; attribute scores; classification algorithm; classifier module; data preprocessing module; multiple classifiers; network traffic dataset; probability; signature-based IDS; signature-based intrusion detection system; training model; Computational modeling; Computers; Data preprocessing; Intrusion detection; Probes; Telecommunication traffic; Training; Classification algorithm; Intrusion Detection; Scoring and Weighting;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computer & Information Science (ICCIS), 2012 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4673-1937-9
Type :
conf
DOI :
10.1109/ICCISci.2012.6297119
Filename :
6297119