| Firstly, the backgrounds and techniques of intrusion detection system (IDS) are introduced briefly in this paper, also the current status. Then an intrusion detection system based on a new nonstationary machine learning technique model is presented and improved. On the precondition of the same false alarm rates, more intrusions have been detected, and less time for detection is needed with the improved system. Machine learning algorithm discussed in this paper is not the same of the traditional ones, the later needs training samples which include positive and negative ones however we only provide positive ones, i.e. no attack events, for intrusion detection machine learning algorithm during training phase.In this paper, the advantages and limitations of machine learning algorithm that is used for dealing with the definite and obscured knowledge are given, and also some new ideas are proposed, the research works are as follows,1. There is much indefinite knowledge in intrusion detection, so it is reasonable toutilize Rough Set (RS) theory that is competent for disposing obscured knowledge in intrusion detection.2. Attribute reduction is one of the key aspects in Rough Set, and abstracting all useful attributes is a NP-compIete problem from the power set of conditional attributes. The Immune Algorithm (IA) has the capacity of global optimization and is better than traditional Genetic Algorithm in searching efficiency. The detailed IA 's steps to solve the problem are given.3. Then we utilize both the RS theory and IA in intrusion detection, simulate it with the kddcup99 dataset and get a satisfied detection result. It indicates that the new method is feasible and effective.Finally, the comparisons of the two methods are discussed in the paper, and also the future of intrusion detection techniques is given.
|
PDF Full Text Request