Abstract
Intrusion detection is one of the major research problems in network security. It is the process of monitoring and analyzing the events occurring in a computer system in order to detect different security violations. A mining approach can play a very important role in developing an intrusion detection system. In this paper, we present a comparison of different classification techniques to detect and classify intrusions into normal and abnormal behaviors. The algorithms used are J48, Naive Bayes, JRip, and OneR. We use the WEKA tool to evaluate these algorithms. The experiments and assessments of these methods are performed with the NSL-KDD intrusion detection dataset. Our main aim was to compare the different classification algorithms and find out which algorithm is most suitable for intrusion detection. We also summarize the research challenges in the classification process.
Copyright information
© 2014 Springer India
About this paper
Cite this paper
Chauhan, H., Kumar, V., Pundir, S., Pilli, E.S. (2014). Comparative Analysis and Research Issues in Classification Techniques for Intrusion Detection. In: Mohapatra, D.P., Patnaik, S. (eds) Intelligent Computing, Networking, and Informatics. Advances in Intelligent Systems and Computing, vol 243. Springer, New Delhi. https://doi.org/10.1007/978-81-322-1665-0_68
DOI: https://doi.org/10.1007/978-81-322-1665-0_68
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-1664-3
Online ISBN: 978-81-322-1665-0
eBook Packages: Engineering, Engineering (R0)