Title: A new adaptive intrusion detection system based on the intersection of two different classifiers

Authors: A. Ahmim; N. Ghoualmi-Zine

Addresses: Laboratory of Computer Networks and Systems, Department of Computer Science, Badji Mokhtar-Annaba University, Annaba 23000, Algeria ' Laboratory of Computer Networks and Systems, Department of Computer Science, Badji Mokhtar-Annaba University, Annaba 23000, Algeria

Abstract: Nowadays, the intrusion detection system (IDS) has become one of the most important weapons against cyber-attacks. The simple single-level IDS cannot detect both attack types and normal behaviour with high detection rate. To overcome this limit, we propose a new approach for intrusion detection. The idea of this paper is to use two different classifiers iteratively, where each-iteration represents one level in the built model. To ensure the adaptation of our model, we add a new level whenever the sum of new attacks and the rest of the training dataset reaches the threshold. To build our model, we have used Fuzzy Unordered Rule Induction Algorithm and Random Forests as classifiers. The experiment on the KDD99 dataset shows the high performance of our model that demonstrates its ability to detect the low frequent attack without losing their high performance in the detection of frequent attack and normal behaviour. Furthermore, our model gives the highest detection rate and the highest accuracy, compared with some models well known in the literature related to intrusion detection.

Keywords: intrusion detection systems; hierarchical IDS; hybrid IDS; fuzzy unordered rule induction algorithm; random forests; adaptive intrusion detection; cyber attacks; network security; classifiers.

DOI: 10.1504/IJSN.2014.065710

International Journal of Security and Networks, 2014 Vol.9 No.3, pp.125 - 132

Received: 01 May 2013
Accepted: 15 Oct 2013

Published online: 09 Nov 2014 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article