RAkEL Algorithm and Mahalanobis Distance-Based Intrusion Detection System Against Network Intrusions

  • R. Padmashani
  • M. Nivaashini
  • R. Vidhyapriya
Conference paper

Abstract

With the rapid increase in the volume of information in everyday life, there is always a need for an intrusion detection framework that distinguishes and identifies attacks at a faster pace. Any action that abuses the policy of the security premises is characterized as an intrusion. An intrusion detection system (IDS) is hardware that deals with intrusions originating from other hosts, network frameworks and system sources, and then looks for signs of security issues. An IDS is also used to recognize unauthorized use of a PC, which should close the gaps left by antivirus and firewall. A general issue in current IDSs is the high false-positive rate and low detection rate. This chapter discusses the essential intrusion detection procedures by means of live capture of network packets. The proposed system uses the Mahalanobis distance method for best-attribute selection and exhaustive-search feature selection for feature ranking and feature removal, in order to choose the best possible combinations of features from the feature set obtained from the network packets. The RAndom k-labELsets (RAkEL) multi-label ensemble learning algorithm, in combination with machine learning algorithms such as J48, support vector machine (SVM) and Naïve Bayes (NB), is used to build the proposed IDS, which classifies different network intrusions with a higher detection rate and a lower false-positive rate.

Keywords

Network intrusions; Intrusion detection system (IDS); Wireshark; RAkEL; Mahalanobis distance; J48; SVM; Naïve Bayes; Weka

Abbreviations

  • ID: Intrusion detection
  • IDS: Intrusion detection system
  • PC: Personal computer
  • RAkEL: RAndom k-labELsets
  • SVM: Support vector machine
  • NB: Naïve Bayes
  • ANN: Artificial neural networks
  • PCA: Principal component analysis
  • GA: Genetic algorithm
  • ARFF: Attribute-relation file format
  • PCAP: Packet capture
  • PART: Projective adaptive resonance theory
  • DoS: Denial of service
  • U2R: User to root
  • R2L: Remote to local
  • TP: True-positive
  • TN: True-negative
  • FP: False-positive
  • FN: False-negative
  • TPR: True-positive rate
  • FPR: False-positive rate
  • MCC: Matthews correlation coefficient

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • R. Padmashani (1)
  • M. Nivaashini (2)
  • R. Vidhyapriya (1)
  1. PSG College of Technology, Coimbatore, India
  2. Bannari Amman Institute of Technology, Sathyamangalam, India
