期刊名称:International Journal of Information and Network Security (IJINS)
印刷版ISSN:2089-3299
出版年度:2012
卷号:1
期号:3
页码:228-234
DOI:10.11591/ijins.v1i3.704
语种:English
出版社:Institute of Advanced Engineering and Science
摘要:Network security is becoming increasingly important in today’s internet-worked systems. With the development of internet, its use on public networks, the number and the severity of security threats has increased significantly. Intrusion Detection System can provide a layer of security to these systems. Intrusion Detection can be defined as "the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource”. More specifically, the goal of intrusion detection system is to identify entities who attempt to subvert in-place security controls. At present, two fundamental problems, quantity and quality of the outputs i.e. false alarms or alerts of IDS, have not been solved well. The pattern of attack changes frequently. Thus IDS should upgrade accordingly. The changes in patterns are mainly the manifestations of attack. Pattern based IDS provides very low false alarms as compare to heuristic/anomaly based IDS. In real world it is very difficult to have large labeled data for training. Supervised approach can't be used in this case. So in this work we propose a semi-supervised approach for pattern based IDS. Our approach uses supervised algorithm as a black box and then filters the unlabelled data with predicted label for training the system. The experimentation is performed on KDD CUP99 dataset and NSL KDD data which is revised KDD CUP 99 data.
