Model Based Intrusion Detection using Data Mining Techniques with Feature Reduction

Abstract

As the technology is advancing so are the data storing practices. Nowadays data is stored online which is the main reason as to why the data is constantly under threat. Therefore there is an urgent need of computer se- curity for securing this confidential data, which is mostly customer personal data which if got leaked will not only pose threat to the customer but also to the organization liable for storing and preserving that data. These unwanted activities are termed as intrusions and the detection of these unwanted activities by constantly monitoring and analysing the system is known as intrusion detection. IDS created using data mining techniques is an effective way of detecting intrusions whose implementation is discussed ahead in this paper. The approach involves building of classification model and hybrid model which are created using classification techniques and, combining both classification and clustering techniques respectively. Classification model can detect known attacks effectively whereas hybrid models can detect unknown or new attacks also. NSL-KDD dataset is used as training dataset which is normalalized and then its feature reduction is done using different techniques. The best feature selection technique among all is chosen by using decision table algorithm. The comparison of the results of different models is done over different performance evaluation parameters. The results show that hybrid models perform better than classification models with improved results as the the data is first preprocessed which makes a classifier more effective.