False Alarm Classification Model for Network-Based Intrusion Detection System

Author(s):  
Moon Sun Shin ◽  
Eun Hee Kim ◽  
Keun Ho Ryu
2020 ◽  
Vol 38 (1B) ◽  
pp. 6-14
Author(s):  
Sarah M. Shareef ◽  
Soukaena H. Hashim

A network intrusion detection system (NIDS) is a software system that plays an important role in protecting network systems and can be used to monitor network activities to distinguish different kinds of attacks from normal behavior in network traffic. False alarms are one of the most commonly identified problems with intrusion detection systems and can be a limiting factor for their performance and accuracy. The proposed system applies mining techniques at two sequential levels. At the first level, the Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. At the second level, the multinomial logistic regression algorithm is used to classify abnormal activity into four main attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 intrusion detection dataset was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved with a lower false alarm rate.


2018 ◽  
Vol 7 (1.9) ◽  
pp. 245
Author(s):  
S. Vimala ◽  
V. Khanna ◽  
C. Nalini

In MANETs, versatile hubs can impart transparently to each other without the need of predefined framework. Interruption location framework is a fundamental bit of security for MANETs. It is uncommonly convincing for identifying the Intrusions and for the most part used to supplement for other security segment. That is the reason Intrusion discovery framework (IDS) is known as the second mass of assurance for any survivable framework security. The proposed fluffy based IDSs for recognition of Intrusions in MANETs are not prepared to adjust up all sort of assaults. We have examined that all proposed fluffy based IDSs are seen as to a great degree obliged segments or qualities for data collection which is specific for a particular assault. So that these IDSs are simply recognize the particular assault in MANETs. The fluffy motor may perceive blockage from channel mistake conditions, and along these lines helps the TCP blunder discovery. Examination has been made on the issues for upgrading the steady quality and precision of the decisions in MANET. This approach offers a strategy for joining remote units' estimation comes to fruition with alliance information open or priori decided at conglomerating hubs. In our investigation work, the best need was to reduce the measure of information required for getting ready and the false alarm rate. We are chiefly endeavoring to improve the execution of a present framework rather than endeavoring to supplant current Intrusion recognition systems with an information mining approach. While current mark based Intrusion identification procedures have imperatives as communicated in the past region, they do even now give basic organizations and this normal us to choose how information mining could be used as a piece of a correlative way to deal with existing measures and improves it.


2014 ◽  
Vol 556-562 ◽  
pp. 2711-2714
Author(s):  
Soo Young Shin ◽  
Isnan Arif Wicaksono

Wireless networks suffer from many constraints, including the wireless communication channel and internal and external attacks, so security becomes the main concern in dealing with such networks. Therefore, an intrusion detection system (IDS) is required that monitors the network, detects misbehavior or anomalies, and notifies other nodes in the network to avoid or punish the misbehaving nodes. This paper describes a simple method to detect an intruder in a wireless communication system based on physical layer characteristics. A channel prediction method is used in the receiver to predict the transmission channel for the next time slot. Then, in the next time slot, the result is compared with the actual channel value from the channel estimation. The number of detections and the false alarm ratio are measured as performance metrics of the simulation. Based on the simulation results, the proposed intrusion detection system gives a high detection ratio and a low false alarm ratio for a given threshold.


An Intrusion Detection System (IDS) is the most important component of computer network security. IDSs are designed to recognize intrusion attempts in incoming network traffic intelligently. They deal with large volumes of data containing irrelevant and outdated features, which lead to delays in both training and testing. Therefore, to minimize false alarms and computational complexity, a feature selection technique for intrusion detection has been implemented. In this paper, PCA (Principal Component Analysis) and a Fuzzy Inference System (FIS) have been used on the kdd99 dataset to develop the FC-NIDS model. PCA is used to select the attacked features to minimize the computational work, while FIS is used to develop a fuzzy inference system for accurate prediction using MATLAB. The results of the experiment are tested on UCI data sets as a standard benchmark. It has been found efficient for true prediction of intrusions as well as for reducing the false alarm rate. The proposed fuzzy logic controller IDS (FC-NIDS) is able to deal with signature- and anomaly-based attacks to achieve enhanced intrusion detection, decrease false alarms, and optimize complexity.


2019 ◽  
Vol 15 (10) ◽  
pp. 155014771988313
Author(s):  
Parminder Singh ◽  
Sujatha Krishnamoorthy ◽  
Anand Nayyar ◽  
Ashish Kr Luhach ◽  
Avinash Kaur

The false alarm rate of an online anomaly-based intrusion detection system is a crucial concern. It is challenging to implement in real-world scenarios when these anomalies occur sporadically. Existing intrusion detection systems have been developed to limit or decrease the false alarm rate. However, the state-of-the-art approaches are attack or algorithm specific, and therefore not generic. In this article, a soft-computing-based approach has been designed to reduce the false-positive rate for hierarchical data of an anomaly-based intrusion detection system. The recurrent neural network model is applied to classify the data set of intrusion detection system and normal instances for various subclasses. The designed approach is more practical because it does not require any assumption or knowledge of the data set structure. Experimental evaluation is conducted on various attacks on the KDDCup’99 and NSL-KDD data sets. The proposed method enhances intrusion detection systems that can work with data with dependent and independent features. Furthermore, this approach is also beneficial for real-life scenarios with a low occurrence of attacks.

