Special Offers
- IGI Global’s New Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 17 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
Open Access
- View All Open Access Opportunities
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through IGI Global’s Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open accesss endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global to publish your work under open access? Review IGI Global’s open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us
Newsroom

Machine Learning Techniques for Intrusion Detection

Tameem Ahmad, Mohd Asad Anwar, Misbahul Haque

Source Title: Handbook of Research on Intrusion Detection Systems

DOI: 10.4018/978-1-7998-2242-4.ch003

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

This chapter proposes a hybrid classifier technique for network Intrusion Detection System by implementing a method that combines Random Forest classification technique with K-Means and Gaussian Mixture clustering algorithms. Random-forest will build patterns of intrusion over a training data in misuse-detection, while anomaly-detection intrusions will be identiðed by the outlier-detection mechanism. The implementation and simulation of the proposed method for various metrics are carried out under varying threshold values. The effectiveness of the proposed method has been carried out for metrics such as precision, recall, accuracy rate, false alarm rate, and detection rate. The various existing algorithms are analyzed extensively. It is observed experimentally that the proposed method gives superior results compared to the existing simpler classifiers as well as existing hybrid classifier techniques. The proposed hybrid classifier technique outperforms other common existing classifiers with an accuracy of 99.84%, false alarm rate as 0.09% and the detection rate as 99.7%.

Chapter Preview

Top

Introduction

Intrusion detection, a very important aspect from security point of view, can be said to be the process of monitoring the events that occur in an individual computer system or over a computer network and investigating for any intrusions taking into account the confidentiality, integrity and availability of a computer system or other network infrastructure security properties (Chahal & Kaur, 2016). An intrusion causes the confidentiality violation, if it allows intruders to access system information without authorization (password authentication). If an intruder changes the system date or any data residing on or passing through the system, it causes the integrity violation. An availability violation will occur if an intrusion keeps an authorized user from accessing the particular service or system resource when he needs it. The major task of intrusion detection is to gather data that may contain evidences of intrusions, from target system, processing and analyzing the data to identify the potential intrusions thereafter generating the specified responses for every intrusion either manually or automatically.

Intrusion Detection System

Main function of Intrusion Detection System (IDS) is to monitor network traffic for any doubtful activity and if any, then alerts the system or network administrator. In some cases, IDS can take active action (i.e. it may discard the packet incompatible) or passive action (i.e. to alert the system) for malicious traffic by imposing action such as blocking users or source IP addresses from reaching the network. As soon as a new computer searches for a security vulnerability, a crowd of crackers starts knocking on the doors of computers around the world so that they can see whether they can enter their security or not. Many sites employ a combination of boundary router firewalls and host-based packet filters and wrappers to protect themselves, but what is the vulnerability in many systems used to secure the service? How do system administrators know that their machines are being attacked and/or compromised? The best way to catch crackers is to use IDS. Figure 1 shows a Computer Network with Network Intrusion Detection System.

Figure 1.

Computer network with network intrusion detection system

Need for Intrusion Detection System

A computer system should provide confidentiality, integrity and assurance against various types of attacks. However, due to the increasing connectivity especially on the Internet and the huge open spectrum of financial prospects, more and more systems are under attack by intruders. The presence of IDS allows preventing subversion by building a completely secure system. It, for example, requires all users to identify and authenticate themselves. Further, the data can be protected by employing various cryptographic methods and very tight access control mechanisms. However this is not really feasible because:

•
Practically, building a completely secure system is not possible (Kumar, Mangathayaru, & Narsimha, 2016).
•
Even Cryptographic methods possess certain kind of problems. User passwords can be cracked, users can lose their passwords, and there are ways to break the entire crypto-systems.
•
Even a truly secure system is vulnerable to abuse by insiders who misuse their privileges.
•
It has been seen that there is an inverse relationship between the levels of access control to the user efficiency, which implies that the stricter the mechanisms are, the lower will be the efficiency.

So, using cryptography method or simply putting a firewall may not be enough to solve problem of vulnerabilities. If there is an attack on the system, they should be identified as soon as possible and appropriate action must be taken.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference