A comprehensive analysis and study in intrusion detection system using k-NN algorithm

Abstract

The security of computer networks has been in the focus of research for years. Organizations have realized that network security technology has become very important in protecting its information. Any attempt, successful or unsuccessful to compromise the confidentiality, integrity and availability of any information resource or the information itself is considered as a security threat or an intrusion. Every day, new kinds of threats are being faced by industries. One of the way-out to this problem is by using Intrusion Detection System (IDS). The main function of IDS is distinguishing and predicting normal or abnormal behaviors. This paper presents new implementation strategy performing the intrusion detection system, which gives better results by improving accuracy of classification. This approach is based on by defining addition and deletion rule and updating policy for intrusion detection. The experimental results, conducted on the KDD99 dataset, prove that, this new approach outperforms several state-of-the-art methods, particularly in detecting rare attack types. © 2012 Springer-Verlag.