Using Artificial Intelligence Techniques For Intrusion Detection System

Abstract

Along with the development and growth of the internet network, and the rapid expansion of World Wide Web and local network systems have changed the computing world in the last decade. Nowadays, as more people make use of the internet, their computers and the valuable data in their computer system contain become more exposed to attackers. Therefore, there is an increasing need to protect computer and network from attacks and unauthorized access. Such that network intrusion classification and detection systems to prevent unlawful accesses. This work has taken the advantage of classification and detection abilities of Artificial Intelligent Techniques AITs algorithms to recognize intrusion(attack) and also detect new attacks. These algorithms are used to multi classifier and binary classifier for network intrusion and detect it, AITs such as unsupervised and supervised fuzzy clustering algorithms ( Fuzzy C-Mean FCM, Gustafson-Kessel GK, and Possibilistic C-Means PCM ), was applied to classify intrusion into 23 classes according to the subtype of attack. The same dataset classifies it into 5 classes according to the type of attacks (Normal, DoS, Probe, U2R, R2L). And also classifies this dataset into 2 classes (Normal, and Attack), one for normal traffic and another for attack, also these algorithms are used to detect intrusion.Other techniques were used which are artificial neural network (ANN) represented by counter propagation neural network (CPN) which is hybrid learning (supervised and unsupervised) that is applied to classify intrusion into 23, 5 and 2 class(es) and used it to detect the network intrusions, and then we combined fuzzy c-mean with two layers Kohonen layer and Grossberg layer for counter propagation neural network to produce the proposed approach or system that called it fuzzy counter propagation neural network (FCPN) were applied it to classify network intrusion into 23, 5 and 2 class(es) and detect the intrusion. DARPA 1999 (Defense Advanced Research Project Agency) dataset which is represented by Knowledge Discovery and Data mining (KDD) cup 99 dataset was used for both training and testing. This research evaluates the performance of the approaches that are used that obtained high classification and detection rate with low false alarm rate. The performance of the proposed approach FCPN is the best if it is compared with the other approaches that are used and with previous works. Finally, in this research comparisons are made between the results obtained from the application of these algorithms on this dataset and the FCPN is the best approach that is implemented into Laptop where, CPU 2.27GH and RAM are 2.00 GB.