Intrusion Detection System Based on Data Mining Techniques to Reduce False Alarm Rate

Sarah M. Shareef --- Soukaena H. Hashim

Engineering and Technology Journal مجلة الهندسة والتكنولوجيا
ISSN: 16816900 24120758 Year: 2018 Volume: 36 Issue: 2 Part (B) Engineering Pages: 110-119
Publisher: University of Technology الجامعة التكنولوجية


Nowadays, Security of network traffic is becoming a major issue ofcomputer network system according to the huge development of internet.Intrusion detection system has been used for discovering intrusion and tomaintain the security information from attacks. In this paper, produced twolevels of mining algorithms to construct Network Intrusion Detection System(NIDS) and to reduce false alarm rate, in the first level Naïve Bayes algorithmis used to classify abnormal activity into the main four attack types fromnormal behavior. In the second level ID3 decision tree algorithm is used toclassify four attack types into (22) children of attacks from normal behavior.To evaluate the performance of the two proposed algorithms by using kdd99dataset intrusion detection system and the evaluation metric accuracy,precision, DR, F-measure. The experimental results prove that the proposalsystem done high detection rates (DR) of 99 % and reduce false positives (FP)of 0 % for different types of network intrusions


data mining --- intrusion detection system --- false alarm --- Decision Tree classifier --- Naïve Bayes classifier..