Enhancing Performance Using New Hybrid Intrusion Detection System

Candra Supriadi; Charli Sitinjak; Fujiama Diapoldo Silalahi; Nia Dharma Pertiwi; Sigit Umar Anggono

doi:10.51903/jtie.v1i1.134

Candra Supriadi Universitas Sains Dan Teknologi Komputer Manajemen Informatika Semarang
Charli Sitinjak Universitas Sains dan Teknologi Komputer
Fujiama Diapoldo Silalahi Universitas Sains dan Teknologi Komputer
Nia Dharma Pertiwi Universitas Sains dan Teknologi Komputer
Sigit Umar Anggono Universitas Sains dan Teknologi Komputer

DOI: https://doi.org/10.51903/jtie.v1i1.134

Keywords: data mining, IDS, Clustering data.

Abstract

Intrusion Detection Systems (IDS) are an efficient defense against network attacks as well as host attacks as they allow network/host administrators to detect any policy violations. However, traditional IDS are vulnerable and unreliable for new malicious and genuine attacks. In other case, it is also inefficient to analyze large amount of data such as possibility logs. Furthermore, for typical OS, there are a lot of false positives and false negatives. There are some techniques to increase the quality and result of IDS where data mining is one of technique that is important to mining the information that useful from a large amount of data which noisy and random. The purpose of this study is to combine three technique of data mining to reduce overhead and to improve efficiency in intrusion detection system (IDS). The combination of clustering (Hierarchical) and two categories (C5, CHAID) is proposed in this study. The designed IDS is evaluated against the KDD'99 standard Data set (Knowledge Discovery and Data Mining), which is used to evaluate the efficacy of intrusion detection systems. The suggested system can detect intrusions and categorize them into four categories: probe, DoS, U2R (User to Root), and R2L (Remote to Local). The good performance of IDS in case of accuracy and efficiency was the result of this study.

References

[1] Om, H. and Kundu, A. “A hybrid system for reducing the false alarm rate of anomaly intrusion detection system” Recent Advances in Information Technology (RAIT), 1st IEEE International Conference on 15-17 March 2012 Page(s):131 - 136 Print ISBN:978-1- 4577-0694-3.
[2] P.R Subramanian and J.W. Robinson “Alert over the attacks of data packet and detect the intruders” Computing, Electronics and Electrical Technologies (ICCEET), IEEE International Conference on 21-22 March 2012 Page(s):1028 - 1031 Print ISBN:978-1- 4673-0211-1
[3] V. S. Ananthanarayana and V. Pathak “A novel Multi-Threaded K-Means clustering approach for intrusion detection” Software Engineering and Service Science (ICSESS), IEEE 3rd International Conference on 22-24 June 2012 Page(s): 757 - 760 Print ISBN: 978-1-4673-2007-8
[4] N.S Chandolikar and V.D.Nandavadekar, “Efficient algorithm for intrusion attack classification by analyzing KDD Cup 99” Wireless and Optical Communications Networks (WOCN), 2012 Ninth International Conference on 20-22 Sept. 2012 Page(s):1 - 5 ISSN :2151-7681
[5] Virendra Barot and Durga Toshniwal “A New Data Mining Based Hybrid Network Intrusion Detection Model” IEEE 2012.
[6] Wang Pu and Wang Jun-qing “Intrusion Detection System with the Data Mining Technologies” IEEE 2011.
[7] Z. Muda, W. Yassin, M.N. Sulaiman and N.I. Udzir “Intrusion Detection based on K-Means Clustering and Naïve Bayes Classification” 7th IEEE International Conference on IT in Asia (CITA) 2011.
[8] Dewan M.D. Ferid, Nouria Harbi, “Combining Naïve Bayes and Decision Tree for Adaptive Intrusion detection” International Journal of Network Security and application(IJNSA),vol 2, pp. 189-196, April 2010.