Abstract:

Intrusion detection is a branch of cyber analytics concerned with recognizing malicious network activity and policy violations. Intrusions are deliberate actions that intruders launch against the security policies of an information system. Attacks such as DoS, R2L, U2R and Probing are adverse actions that can strip a system of its information security. An intrusion detection system (IDS) is used to detect anomalous behavior, misuse or suspicious incidents. A network-based intrusion detection system (NIDS) is an IDS that monitors network traffic to detect intrusions in real time. At present, a large number of techniques and approaches have been devised in the field of intrusion detection; even then, the accuracy, rate of detection and false alarm rate are under control. This paper is a survey of contemporary data mining based NIDS detection techniques for ascertaining and categorizing intrusion events. Particular emphasis is given to enhancing the attack detection rate and reducing the risk of false alarms. The rate of attack detection by data mining based algorithms such as J48, Random Tree and Random Forest is analyzed using the KDD Cup DARPA 99 data set.


Keywords: NIDS; Packet Sniffing; Feature Selection; Classification; False Alarm; J48; RF (Random Forest); RT (Random Tree)