Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree

Anuar, N.B. and Sallehudin, H. and Gani, Abdullah and Zakari, O. (2008) Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree. Malaysian Journal of Computer Science, 21 (2). pp. 101-115. ISSN 0127-9084,

[img]
Preview
PDF
2008_Identifying_false_alarm_for_Network_Intrusion_Detection_Sysytem_Using_Hybrid_Data_Mining_and_Decision_Tree.pdf

Download (234kB)
Official URL: http://wseas.us/e-library/conferences/2008/buchare...

Abstract

Although intelligent intrusion and detection strategies are used to detect any false alarms within the network critical segments of network infrastructures, reducing false positives is still a major challenge. Up to this moment, these strategies focus on either detection or response features, but often lack of having both features together. Without considering those features together, intrusion detection systems probably will not be able to highly detect on low false alarm rates. To offset the abovementioned constraints, this paper proposes a strategy to focus on detection involving statistical analysis of both attack and normal traffics based on the training data of KDD Cup 99. This strategy also includes a hybrid statistical approach which uses Data Mining and Decision Tree Classification. As a result, the statistical analysis can be manipulated to reduce misclassification of false positives and distinguish between attacks and false positives for the data of KDD Cup 99. Therefore, this strategy can be used to evaluate and enhance the capability of the IDS to detect and at the same time to respond to the threats and benign traffic in critical segments of network, application and database infrastructures.

Item Type: Article
Funders: UNSPECIFIED
Additional Information: Anuar, Nor Badrul Sallehudin, Hasimi Gani, Abdullah Zakari, Omar
Uncontrolled Keywords: False positive, false negative, intrusion detection, data mining, decision tree.
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Computer Science & Information Technology
Depositing User: Ms Maisarah Mohd Muksin
Date Deposited: 16 Jan 2013 01:33
Last Modified: 11 Oct 2018 09:25
URI: http://eprints.um.edu.my/id/eprint/4497

Actions (login required)

View Item View Item