The growing prevalence of network attacks is a well-known problem that can impact the availability, confidentiality, and integrity of critical information for both individuals and enterprises. In this paper, we propose a real-time intrusion detection approach using a supervised machine learning technique. Our approach is simple and efficient, and can be used with many machine learning techniques. We applied different well-known machine learning techniques to evaluate the performance of our IDS approach. Our experimental results show that the Decision Tree technique can outperform the other techniques. Therefore, we further developed a real-time intrusion detection system (RT-IDS) using the Decision Tree technique to classify on-line network data as normal or attack data. We also identified 12 essential features of network data that are relevant to detecting network attacks, using information gain as our feature selection criterion. Our RT-IDS can distinguish normal network activities from the main attack types (Probe and Denial of Service (DoS)) with a detection rate higher than 98% within 2 s. We also developed a new post-processing procedure to reduce the false-alarm rate as well as increase the reliability and detection accuracy of the intrusion detection system.