Open AccessHybrid Intrusion Detection System
Author(s) -
Rahul Adhao,
Samadhan Mahefuj,
Vinod Pachghare,
Vijay Khadse
Publication year - 2021
Publication title -
international journal of next-generation computing
Language(s) - English
Resource type - Journals
eISSN - 2229-4678
pISSN - 0976-5034
DOI - 10.47164/ijngc.v12i5.439
Subject(s) - intrusion detection system , computer science , network packet , anomaly based intrusion detection system , decision tree , false positive rate , feature selection , artificial intelligence , data mining , machine learning , feature (linguistics) , rule based system , pattern recognition (psychology) , computer security , linguistics , philosophy
One of the most challenging aspects of a rule-based network intrusion detection system is the high false-positive rate, which makes it unreliable. This research study has developed a new hybrid system based on two-stage intrusion detectors in series to lower the system's high false-positive rate. At first, the rule-based system identifies incoming network packets as intrusion packets or normal packets. The trained machine learning model with feature reduction technique assists the classifiers in classifying the incoming packets as intrusion or normal. For the rule-based system, "Snort" is used, and for the second stage, a classification decision tree is used. A Genetic Algorithm (GA) technique is used for feature selection purposes. The final decision about intrusions is based on the prediction of both the learning systems. The experimental results show that this approach successfully reduces the false positive and false negative rates and increases rule-based NIDS accuracy.