An analytical approach for real time intrusion detection using machine learning paradigm

Abstract

Intrusion Detection Systems. Another domain of research in this paradigm is Data Mining that offers flexibility and has been a focus of research in the recent years. Intrusion detection can be automated by making the system learn using classifiers/clusters from a training set. A benefit of Machine Learning is that the techniques are capable of generalizing from known attacks to variations, or even can detect new types of intrusion. Recent research focuses more on the hybridization of techniques to improve the detection rates of Machine Learning classifiers. Artificial Neural Networks and Decision Trees have been applied to develop Intrusion Detection Systems and have become popular. Several evaluations performed to date indicate that Intrusion Detection Systems are moderately successful in identifying known intrusions and quite a bit worse at identifying those that have not been seen before. This provides a prospect area for research and commercial communities to design Intrusion Detection Systems. The research work presented in this thesis models the Intrusion Detection System by ensemble approach using Outlier Detection, Change Point and Relevance Vector Machines. The current new hybrid detection model developed combines the individual base classifiers and Machine Learning paradigms to maximize detection accuracy and minimize computational complexity. Results illustrate that the proposed hybrid systems provide more accurate detection rate. Real time dataset is used in the experiments to demonstrate that Relevance Vector Machines can greatly improve the classification accuracy and the approach achieves higher detection rate with low false alarm rates and is scalable for large datasets, resulting in an effective Intrusion Detection System