One of the most challenging aspects of a rule-based network intrusion detection system (NIDS) is its high false-positive rate, which makes it unreliable. This research study has developed a new hybrid system based on two intrusion detectors in series to lower that false-positive rate. In the first stage, the rule-based system identifies incoming network packets as intrusion packets or normal packets. A trained machine learning model with a feature reduction technique then assists the classifiers in classifying the incoming packets as intrusion or normal. "Snort" is used for the rule-based system, and a classification decision tree is used for the second stage. A Genetic Algorithm (GA) technique is used for feature selection. The final decision about intrusions is based on the predictions of both learning systems. The experimental results show that this approach successfully reduces the false-positive and false-negative rates and increases the accuracy of the rule-based NIDS.
This work is licensed under a Creative Commons Attribution 4.0 International License.