Anomaly Base Network Intrusion Detection by Using Random Decision Tree and Random Projection: A Fast Network Intrusion Detection Technique

Mahendra Singh Sisodia, Virendra Raghuwanshi

Abstract


Network Intrusion Detection Systems (NIDSs) have become an important component in network security infrastructure. Currently, many NIDSs are rule-based systems whose performances highly depend on their rule sets. Unfortunately, due to the huge volume of network traffic, coding the rules by security experts becomes difficult and time-consuming. Since data mining techniques can build network intrusion detection models adaptively, data mining-based NIDSs have significant advantages over rule-based NIDSs. Network and system security is of paramount importance in the present data communication environment. Hackers and intruders can create many successful attempts to cause the crash of the networks and web services by unauthorized intrusion. New threats and associated solutions to prevent these threats are emerging together with the secured system evolution. Network Intrusion Detection Systems are one of these solutions. The main function of NIDSs is to protect the resources from threats. It analyzes and predicts the behaviors of users, and then these behaviors will be considered an attack or a normal behavior. We use Random projection and Random Tree to detect network intrusions.

Keywords


Data Mining, Network Intrusion Detection System, Random Decision Tree, Random Projection, Detection Rate, Confusion Matrix, False Alarm

Full Text:

PDF


DOI: http://dx.doi.org/10.5296/npa.v3i4.1342

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

To make sure that you can receive messages from us, please add the 'macrothink.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.

Copyright © Macrothink Institute ISSN 1943-3581