Denial of Service Intrusion Detection System (IDS) Based on Naïve Bayes Classifier using NSL KDD and KDD Cup 99 Datasets

Abstract

Intrusion Detection Systems (IDS) become necessary to protect data from intruders and reduce the damage of the information system and networks especially in cloud environment which is next generation Internet based computing system that supplies customizable services to the end user to work or access to the various cloud applications. This paper concentrates the views to be noted that; the attacks in cloud environment have high rates of Denial of service (DoS) attacks compared with the usual network environment. This paper will introduce Naïve Bayes (NB) Classifier supported by discrete the continuous feature and feature selection methods to classify network events as an attack (DoS, Probe, R2L and U2R) or normal. The influence of use all features and use set of features by applying two methods of feature selection methods has been studied in this paper. The performance of the proposed system was evaluated by using KDD 99 CUP and NSL KDD Datasets, and from experimental works the results are; proposal improves the performance of NIDS in term of accuracy and detecting DOS attack, where it detected 94%, 97% and 98% of DoS attacks for three experimental test datasets in KDD Cup 99 dataset when used twelve features selected by gain ratio, while in NSL KDD Dataset the accuracy of detecting DoS is 86%, 87% and 88% for three experimental test datasets when select only ten features by applied gain ratio.