A Novel Approach to Intrusion Detection System using Rough Set Theory and Incremental SVM
Ghanshyam Prasad Dubey1, Prof. Neetesh Gupta2, Rakesh K Bhujade3
1Ghanshyam Prasad Dubey is M.Tech Scholar in Department of Information Technology, Technocrats Institute of Technology, Bhopal. India.
2Prof. Neetesh Gupta is working as Head, Department of Information Technology, Technocrats Institute of Technology, Bhopal, India.
3Rakesh K Bhujade is working as Associate Professor Technocrats Institute of Technology, Bhopal, India.
Manuscript received on February 20, 2011. | Revised Manuscript received on February 27, 2011. | Manuscript published on March 05, 2011. | PP: 14-18 | Volume-1 Issue-1, March 2011. | Retrieval Number: A005021111
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Published By: Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Intrusion Detection System (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted trafficOn detection of such sign triggers of IDS to report them generate the alerts. These alerts are presented to a human analyst who evaluates them and initiates an adequate response. In Practice, IDSs have been observed to trigger thousands of alerts per day, most of which are mistakenly triggered by begin events such as false positive. This makes it extremely difficult for the analyst to correctly identify alerts related to attack such as a true positive. Recently data mining methods have gained importance in addressing network security issues, including network intrusion detection. Intrusion detection systems aim to identify attacks with a high detection rate and a low false positive. We use RST (Rough Set Theory) and Incremental SVM (Support Vector Machine) to detect intrusions. First, RST is used to preprocess the data and reduce the dimensions. Next, the features were selected by RST will be sent to SVM model to learn and test respectively. The method is effective to decrease the space density of data. Using this method, it can overcome the shortages of SVM time-consuming of training and massive dataset storage. The simulation experiments with KDD Cup 1999 data demonstrate that our proposed method achieves the increasing performance for intrusion detection.
Keywords: Intrusion Detection, Support Vector Machine, Rough Set Theory, Data Mining.