Hybrid network intrusion detection system using expert rule based approach

  • Authors: A. S. Aneetha; T. S. Indhu; S. Bose

  • Affiliations: Anna University, Chennai, India; Anna University, Chennai, India; Anna University, Chennai, India

  • Venue: Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
  • Year: 2012

Abstract

Internet use has become almost indispensable for information transactions and communication among people in various sections of society. However, as networks grow, secure communication has become more vulnerable to threats from unknown sources, and the need for secure information sharing has assumed greater importance. Various types of threats can be monitored by designing effective intrusion detection systems that provide security to the network. In this paper we propose a new framework based on a hybrid intrusion detection system that efficiently detects both known and unknown attacks. The framework can detect intrusions in a real-time environment from the link layer. This is achieved by combining a rule base with appropriate clustering techniques for both supervised and unsupervised data. Known attack patterns are identified by the misuse detection system using the rule base, and new attacks are identified by anomaly detection using clustering techniques. New attacks are added to the rule base using knowledge from an expert database, which improved the efficiency of the system. The detection rate of the hybrid system was found to increase as the percentage of unknown attacks increases, whereas the detection rate of misuse detection decreases and that of anomaly detection remains constant.