Comprehensive Examination of Network Intrusion Detection Models on Data Science

Copyright: © 2021 |Pages: 27
DOI: 10.4018/IJIRR.2021100102

Abstract

The increased demand for data science in recent times has made data security a major issue; thus, the amalgamation of data science methodology with intrusion detection systems has acquired a lot of prominence as a field of research. Operating securely requires control over the level of access to the information system and visibility into user activity. Intrusion detection has been gaining popularity in the area of data science as part of the overall information security infrastructure, where regular operations depend upon shared use of information. The problems are to build an intrusion detection system efficient enough to detect attacks and to reduce false positives while keeping a high detection rate. In this paper, the authors analyse various techniques of intrusion detection combined with data science, which will help in understanding the best-fit technique under different circumstances.

1. Introduction

In recent years, data science has become one of the most important emerging disciplines. It can be seen as a compilation of existing disciplines such as statistics, databases, distributed databases, and big data systems. Van Der Aalst (2016) found that the discipline of data science is crucial for analysing large piles of data and processing them systematically to extract vital information. The primary concern is to access individual datasets and subtle information such as electronic transactions, medicare data, financial data, biological traits data, and criminal investigations data, and to validate authenticity.

The existing data science approaches need to be combined with security measures. Information security is one of the vital issues for private as well as public network systems, since intrusions still attempt to access the data despite the presence of firewalls, cryptography, and other security gateways. Many attempts have been made at research on intrusion detection systems (IDS). Manzoor and Kumar (2017) found that intrusion detection is a difficult task: an IDS detects intrusions and identifies evidence of intrusion, and these pieces of evidence are referred to as attacks. Complete data about the targeted system is required to detect intrusions precisely.

IDS are used for identifying threats and potential attacks. An IDS detects whether intruders or attackers are trying to perform nefarious activity; when it detects something unusual, it notifies the system administrator of the anomaly. Sundaram (1996) found that an IDS is a tool which continuously monitors data traffic to detect intrusions in the network. It is used for managing the console and sensors. Debar (2000) found that when the sensors detect an unusual pattern that matches previously detected attack signatures, they report the suspicious activity to the console. An IDS notifies security measures about any spyware or key loggers, as well as information forgery and unauthorized servers. As the information technology industry expands rapidly, security in information technology becomes the major concern. People have become dependent on technology for day-to-day requirements such as stock prices, email, online banking, marketing, communication, online news and e-marts. The integrity, authenticity, confidentiality and availability of all of these need to be ensured against several cyber threats. Uguz (2011) depicts that intruders, hackers and fraudsters can carry out attacks within the network. Link analysis is used to track viruses and worms, while clustering, prediction and classification methods are used to recognize budding future cyber threats.

IDS is a technique for detecting anomalous behaviour; its primary role is to help the system handle network attacks. Tsai et al. (2009) showed that an IDS includes observing and overseeing user system activities, such as analysis of system configuration, reliability and integrity. An IDS recognizes abnormal activity patterns of pre-existing and newly generated attacks. It aggregates data from different sources, whether within the computer system or from real-time data sets, and compares this with existing patterns to recognize attacks or weaknesses.

The primary aim is to build an efficient intrusion detection system to manage high true and false alarm rates. Sundaram (1996) showed that the problem of a high false positive rate can be addressed by reducing the data without compromising its quality. Debar (2000) found that intrusion detection is a data analysis process that can be studied as a problem of classifying data correctly. An IDS is used to extract features that differentiate normal data from abnormal data, and the false positive rate is to be reduced to a greater extent by using IDS. The problem is to find the technique that differentiates normal data from abnormal data. An IDS should process data quickly and generate alerts.
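
The trade-off between detection rate and false positive rate described above can be made concrete with a small sketch. This is an added example, not code from the article: the records, the two features (connections per minute, failed logins) and the z-score detector are constructed assumptions chosen only to show how moving the alert threshold changes both rates.

```python
from statistics import mean, pstdev

# Constructed sample data (not from the article): each record is
# (connections_per_minute, failed_logins) observed for one host.
BASELINE = [(8, 0), (12, 2), (8, 0), (12, 2), (8, 0), (12, 2), (8, 0), (12, 2)]
# Constructed labelled evaluation records: (features, is_attack).
LABELLED = [
    ((10, 1), False), ((13, 1), False), ((9, 3), False),
    ((16, 0), False), ((11, 2), False),
    ((40, 1), True), ((10, 9), True), ((15, 3), True),
    ((12, 2), True),   # low-and-slow record that looks like normal traffic
    ((22, 0), True),
]

def fit_profile(records):
    """Learn a per-feature (mean, standard deviation) profile of normal data."""
    return [(mean(col), pstdev(col)) for col in zip(*records)]

def anomaly_score(profile, features):
    """Largest absolute z-score across features; higher means more abnormal."""
    return max(abs(x - mu) / sigma for x, (mu, sigma) in zip(features, profile))

def evaluate(profile, labelled, threshold):
    """Return (detection_rate, false_positive_rate) for one alert threshold."""
    tp = fp = attacks = normals = 0
    for features, is_attack in labelled:
        alert = anomaly_score(profile, features) > threshold
        if is_attack:
            attacks += 1
            tp += alert
        else:
            normals += 1
            fp += alert
    return tp / attacks, fp / normals

def sweep(thresholds=(0.75, 2.0, 3.0)):
    """Evaluate several thresholds against the same labelled records."""
    profile = fit_profile(BASELINE)
    return {t: evaluate(profile, LABELLED, t) for t in thresholds}

if __name__ == "__main__":
    for t, (dr, fpr) in sweep().items():
        print(f"threshold={t:<4} detection_rate={dr:.2f} false_positive_rate={fpr:.2f}")
```

On this constructed data, the lowest threshold catches every attack but alerts on most normal records, while the highest produces no false positives and misses the quieter attacks.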
