A Two-Stage Classifier Approach using RepTree Algorithm for Network Intrusion Detection

Autor: Salah El Hadaj, Mohamed Idhammad, Mustapha Belouch
Rok vydání: 2017
Předmět:
Zdroj: International Journal of Advanced Computer Science and Applications. 8
ISSN: 2156-5570
2158-107X
DOI: 10.14569/ijacsa.2017.080651
Popis: In this paper, we present a two-stage classifier based on RepTree algorithm and protocols subset for network intrusion detection system. To evaluate the performance of our approach, we used the UNSW-NB15 data set and the NSL-KDD data set. In first phase our approach divides the incoming network traffics into three type of protocols TCP, UDP or Other, then classifies into normal or anomaly. In second stage a multiclass algorithm classify the anomaly detected in the first phase to identify the attacks class in order to choose the appropriate intervention. The number of features is reduced from over 40 to less than 20 features, according to the protocol, using feature selection techniques. The detection accuracy of 88,95% and 89,85% was achieved on the complete UNSW-NB15 and NSL-KDD data set, respectively using individual classifier, results are better as compared to the recent work on these data sets.
Databáze: OpenAIRE