Research Article

False Alarm Rate Reduction using Hybrid Model in Network Anomaly Detection

by Shaimon Rahman Noman, Munawara Saiyara Munia, Samira Samrose
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 174 - Number 8
Year of Publication: 2017
DOI: 10.5120/ijca2017915446

Shaimon Rahman Noman, Munawara Saiyara Munia, Samira Samrose. False Alarm Rate Reduction using Hybrid Model in Network Anomaly Detection. International Journal of Computer Applications. 174, 8 (Sep 2017), 1-5. DOI=10.5120/ijca2017915446

@article{ 10.5120/ijca2017915446,
author = { Shaimon Rahman Noman, Munawara Saiyara Munia, Samira Samrose },
title = { False Alarm Rate Reduction using Hybrid Model in Network Anomaly Detection },
journal = { International Journal of Computer Applications },
issue_date = { Sep 2017 },
volume = { 174 },
number = { 8 },
month = { Sep },
year = { 2017 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume174/number8/28424-2017915446/ },
doi = { 10.5120/ijca2017915446 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:21:34.305010+05:30
%A Shaimon Rahman Noman
%A Munawara Saiyara Munia
%A Samira Samrose
%T False Alarm Rate Reduction using Hybrid Model in Network Anomaly Detection
%J International Journal of Computer Applications
%@ 0975-8887
%V 174
%N 8
%P 1-5
%D 2017
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Network-based intrusions predominantly reveal network and service vulnerabilities, which is why network-based intrusion detection systems perform thorough packet inspection. To achieve faster execution and better detection accuracy for the overall procedure when facing a new dataset, we present a hybrid intrusion detection system in this paper. The hybridized algorithms are the Triangle Inequality based k-means clustering algorithm and the k-nearest neighbor classifier; that is, a combination of clustering and classification algorithms is studied in this paper. The dataset we used is the NSL-KDD dataset, a refined version of the KDD'99 dataset in which some ingrained problems have been solved. This work mainly focuses on reducing the false alarm rate, but the system is also capable of detecting U2R, R2L, probe and DoS attacks with high accuracy.

Index Terms

Computer Science
Information Sciences

Keywords

Hybrid intrusion detection system, data mining, Triangle Inequality based k-means, k nearest neighbor, NSL-KDD dataset, accuracy, false alarm rate.