Wednesday 22nd of November 2017
 

Propose HMNIDS Hybrid Multilevel Network Intrusion Detection System


Saad K. Majeed, Soukaena H. Hashem and Ekhlas K. Gbashi

This research present a proposal Hybrid Multilevel Network Intrusion Detection System (HMNIDS) which is a hybrid multilevel IDS, is hybrid because use misuse and anomaly techniques in intrusion detection, and is multilevel since it apply the two detection techniques hierarchal in two levels. First level applies anomaly ID technique using Support Vector Machine (SVM) for detecting the traffics either normal or intrusions, if normal then passes it else the system input the intrusion traffic to the second level to detect the class of intrusion where this level apply Misuse ID technique using Artificial Neural Networks (ANN). The proposal depend on Data mining is a DM-based HMNIDS since mining provide iterative process so if results are not satisfied with optimal solution, the mining steps will continue to be carried out until mining results are corresponding intention results. For training and testing of MHNIDS in our experiment, we used NSL-KDD data set. It has solved some of the inherent problems of the KDD99. NSL-KDD similar to KDD99 their connections contains 41 features and is labeled as either normal or attack type, many of these features are irrelative in classification process. In our proposal we used Principle Component Analysis (PCA) as feature extraction to reduce no. of features to avoid time consuming in training and real-time detecting. PCA introduce 8 features as subset of correlated intrinsic features present the basic point in classification. The sets of features that have been resulted from PCA and the all features set will be the feeding of HMNIDS. The results obtained from HMNIDS showing that accuracy rate of SVM and ANN classifiers separately are both high but they are higher with PCA (8) features than all (41) features. Confusion matrix of HMNIDS gives high detection rates and less false alarm rate, also they are higher with (8) PCA than all (41).

Keywords: NIDS, PCA, SVM, ANN and Confusion Matrix

Download Full-Text


ABOUT THE AUTHORS

Saad K. Majeed
Iraq

Soukaena H. Hashem
Iraq

Ekhlas K. Gbashi
Iraq


IJCSI Published Papers Indexed By:

 

 

 

 
About IJCSI

IJCSI is a refereed open access international journal for scientific papers dealing in all areas of computer science research...

Learn more »
Join Us
FAQs

Read the most frequently asked questions about IJCSI.

Frequently Asked Questions (FAQs) »
Get in touch

Phone: +230 911 5482
Email: info@ijcsi.org

More contact details »