Minimal complexity attack classification intrusion detection system

In general, the kind of users and the injection of network packets into the internet sectors are not under specific control. There is no clear description as to what packets can be considered normal or abnormal. If the invasions are not detected at the appropriate level, the loss to system may be some times unimaginable. Although many intrusion detection system (IDS) methods are used to detect the existing types of attacks within the network infrastructures, reducing false negative and false positives is still a major issue. In our paper an intrusion detection system is designed to classify by the incorporation of enhanced rules as learnt from the network behavior with less computational complexity of O(n). The method demonstrates the achievements of promising classification rate. The bench mark data KDD Cup99 data is used in our method.

Figure gives the computational time of three methods which clearly depicts that rule based method has minimum complexity than others. Also, Adaboost method has more time which is about three times than rule based method.Figure optionsDownload as PowerPoint slideHighlight
► Weak classifiers and boosting algorithm have been summarized.
► Grammar and rule based intrusion detection system has been explained.
► Experimental results proved the fewer time complexity.