Friday, 29 Mar, 2024

+91-9899775880

011-47044510

011-49075396

A Combined Reasoning System for Knowledge Based Network Intrusion Detection

Journal of Network and Information Security

Volume 7 Issue 1

Published: 2019
Author(s) Name: Meseret Assefa and Million Meshesha | Author(s) Affiliation: Addis Ababa University, Institute of Ethiopian Studies, Ethiopia.
Locked Subscribed Available for All

Abstract

In this study, a combination of rule based and case based reasoning for network intrusion detection is proposed. To this end, knowledge is extracted using data mining from sampled KDDcup‘99 intrusion data set. Both descriptive and predictive models are created using K-means clustering and JRip rule induction respectively. Descriptive model is used to design case-based reasoning and predictive model to construct rule-based reasoning. A conditional combination is used for controlling the reasoning between RBR and CBR. In the combined system, it is the RBR that first treat the new query for recommending a solution. If RBR is unable to recommend, the query is automatically forwarded to the CBR system where the case retrieval module identifies the most related solution using case similarity measure. The combination of rule-based and case-based reasoning methods has shown an average of 9.5% improvement with regards to performance over the individual reasoning methods. As a continuation of the intrusion detection, we are now working towards the development of a combined intrusion detection system that prevents intruders to enhance the performance of the system.

Keywords: Combination of CBR and RBR, Combined intrusion detection, Knowledge-based intrusion detection, Network intrusion detection.

View PDF

Refund policy | Privacy policy | Copyright Information | Contact Us | Feedback © Publishingindia.com, All rights reserved