Title: A new adaptive intrusion detection system based on the intersection of two different classifiers
Authors: A. Ahmim; N. Ghoualmi-Zine
Addresses: Laboratory of Computer Networks and Systems, Department of Computer Science, Badji Mokhtar-Annaba University, Annaba 23000, Algeria ' Laboratory of Computer Networks and Systems, Department of Computer Science, Badji Mokhtar-Annaba University, Annaba 23000, Algeria
Abstract: Nowadays, the intrusion detection system (IDS) has become one of the most important weapons against cyber-attacks. The simple single-level IDS cannot detect both attack types and normal behaviour with high detection rate. To overcome this limit, we propose a new approach for intrusion detection. The idea of this paper is to use two different classifiers iteratively, where each-iteration represents one level in the built model. To ensure the adaptation of our model, we add a new level whenever the sum of new attacks and the rest of the training dataset reaches the threshold. To build our model, we have used Fuzzy Unordered Rule Induction Algorithm and Random Forests as classifiers. The experiment on the KDD99 dataset shows the high performance of our model that demonstrates its ability to detect the low frequent attack without losing their high performance in the detection of frequent attack and normal behaviour. Furthermore, our model gives the highest detection rate and the highest accuracy, compared with some models well known in the literature related to intrusion detection.
Keywords: intrusion detection systems; hierarchical IDS; hybrid IDS; fuzzy unordered rule induction algorithm; random forests; adaptive intrusion detection; cyber attacks; network security; classifiers.
International Journal of Security and Networks, 2014 Vol.9 No.3, pp.125 - 132
Received: 01 May 2013
Accepted: 15 Oct 2013
Published online: 09 Nov 2014 *