Nowadays there is an enormous number of attacks over the Internet that
put our information continuously at risk. Intrusion Detection
Systems (IDS) are used as a second line of defense. They observe suspicious
actions in the network to detect attacks. One of the most popular
is Snort. It is an open source IDS, and its rules for detecting attacks
are updated offline. As new types of attacks appear almost every day,
it has a low detection rate, especially for new types of attack. The aim of
this work is to create an IDS using machine learning techniques in order
to be more efficient at detecting attacks than Snort. The proposed IDS is
compared with Snort using the new UNSW-NB15 dataset. The results
show a detection rate of 98.11% and a false alarm rate of 8.57% for INsIDES,
whereas Snort has a detection rate of 2.43% and a false alarm rate
of 30.66%, an encouraging sign for applying machine learning techniques
to traditional rule-based IDS.