Distributed Hybrid Framework for Intrusion Detection

  • S. R. Khonde, V. Ulagamuthalvi


In the new era of networking and the Internet, the use of Intrusion Detection Systems (IDS) has risen because of novel malicious activities over networks. An IDS is an intelligent system that helps administrators find various malicious activities happening in the network. It works with various machine learning algorithms to increase the attack detection rate. In this paper, a distributed hybrid framework is proposed to identify signature-based and anomaly-based attacks; it makes use of various supervised and unsupervised algorithms to compare attack detection rate and false alarm rate. Signature-based and anomaly-based attacks can be detected in the distributed framework with a combination of various algorithms. The framework is also used for detecting new attacks in a real-time environment. The dataset used for training and testing is the Intrusion Detection Evaluation Dataset CICIDS-17. This dataset consists of a total of 88 features, which help in detecting attacks that happen on the network. The proposed system uses various feature selection techniques to reduce the number of features. The experimental results prove that this framework increases the attack detection rate and reduces the false alarm rate.