A novel rough set methodology and machine learning based novel network intrusion detection system: Theoretical analysis and applications

Abstract

Data mining for intrusion detection is one of the most cutting-edge researches which focus on network security, database, and information decision-making. Due to the emergence of new forms of attacks and intrusion on the network, we need a new intrusion detection system which would be able to detect new and unknown attacks. Nevertheless, because of the complexity and diversity of network security alarm data, ordinarily, it is difficult to analyze and evaluate network security situation accurately. Intrusion detection is to protect network system from attacks and defend its security. We used machine learning technology in intrusion detection system in order to improve system performance effectively. In the paper, by studying the characteristics of network data intrusion, we put forward a intrusion detection system based on Rough set theory, and detect anomaly action in network. This method can extract detection rule model of network connection data, dealing with incomplete data and discrete data exit in data mining effectively. The basic ideas and techniques of data mining-based intrusion detection and the architecture of a real time data mining-based IDS are discussed. Meanwhile, we mainly analyzed the basic structure of intrusion detection system and application of several Machine Learning methods in intrusion detection which include Bayesian Classification-based method, neural networks-based method, Support Vector Machine-based method(SVM). The experiments results show that, models, methods and generation framework proposed in this paper can effectively detect network intrusion.