A Survey on Building Intrusion Detection SystemUsing Data Mining Framework
Department of Computer ScienceDr.N.G.P. Arts and Science CollegeCoimbatoree-mail: firstname.lastname@example.org
Department of InformationTechnologyAvinashilingam University forWomen, Coimbatoree-mail: email@example.com
Dr. P. Sumathi,
Assistant ProfessorDepartment of Computer Science,Chikkanna Government Arts College,Tirupure-mail: firstname.lastname@example.org
Recently, network attacks have increased to a greaterextent. Hackers and intruders can produce several successfulefforts to cause the crash of the networks and web services byillegal intrusion. New threats and interrelated solutions to avoidthese threats are budding jointly with the secured systemevolution. So, Intrusion Detection System (IDS) has become anactive area of research in the field of network security. Theoptimization of IDS becomes an attractive domain due to thesecurity audit data as well as complex and active properties of intrusion behaviors. The main purpose of IDS is to protect theresources from threats. Intrusion Detection System examines andcalculates the user behavior, and then these behaviors will beconsidered an attack or a normal behavior. Intrusion detectionsystems have been integrated with data mining approaches toidentify intrusions. There are various data mining approachessuch as classification tree, Support Vector Machines, etc., usedfor intrusion detection. In this paper, thorough investigationshave been done on the existing data mining approaches to detectintrusions..
Intrusion Detection System (IDS), intruders, Machine Learning techniques, Data mining
Computer networks and their related applications havebecome an attractive source in the era of information society. Similarly, in recent years, the potential thread to the globalinformation infrastructure has also increased greatly. In orderto guard against several cyber attacks and computer viruses,numerous computer security approaches have been extensivelyresearched in the recent years. The major security techniquesproposed are cryptography, firewalls, anomaly, intrusiondetection, etc. Among the available existing techniques,intrusion detection techniques have been considered to be oneof the most significant and competent techniques for protectingcomplex and dynamic intrusion attacks.Network intrusion and information safety issues are mainlydue to the consequences of extensive internet usage. Forexample, on February 7th, 2000 the first Denial of Service(DoS) attacks of huge volume were established, aiming thecomputer systems of huge corporates like Yahoo!, eBay,Amazon, CNN, ZDnet and Dadet . Alternatively, network intrusion is regarded as a new weapon of world war. Thus, ithas become the major concern of the computer society to detectand to prevent intrusions efficiently.An intrusion is a violation of the security policy of thesystem, and thus, intrusion detection mainly refers to themethods that detect violations of system security policy. Sincethe cruelty of attacks in the network has increased radically,Intrusion detection system has become an essential factor to thesecurity infrastructure of several companies. Intrusion detectionfacilitates companies to defend their systems from variousattacks that come with rising network connectivity anddependence on information systems .Recently, intrusion detection techniques through datamining approaches have attracted several researchers. As anessential application area of data mining, intrusion detectionfocus to lessen the burden of examining vast volumes of auditdata and recognizing the performance optimization of detectionrules. Several researchers have suggested numerous techniquesin various groups, from Bayesian techniques  to decisiontrees [5, 6], from rule based models  to functions studying. These techniques have improved the efficiency of thedetection to a certain extent.It is observed from the existing techniques that, mostresearchers utilized a single algorithm to detect multiple attack classes with miserable performance in certain scenarios. But,detection performance can be greatly improved throughcomplicated technique.In the present scenario, data mining approaches have takenvaluable steps towards solution of several issues in differentintrusion detection issues. There are various benefits inutilizing the data mining approaches for solving the problem of network intrusion . Some of the benefits are listed below:
It can process huge amount of data.
User’s subjective evaluation is not needed, and it ismore appropriate to detect the unobserved andhidden information.Moreover, data mining systems easily performs datasummarization and visualization that facilitate the securityanalysis in various research areas .This paper thoroughly investigates the existing data miningapproaches which help in preventing intrusion attacks. The
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 10, No. 3, March 201232http://sites.google.com/site/ijcsis/ISSN 1947-5500