Abstract:
Due to increasing incidents of cyber attacks,
building effective intrusion detection systems is
essential for protecting information systems security,
and yet it remains an elusive goal and a great challenge.
Current intrusion detection systems (IDS) examine all
data features to detect intrusion or misuse patterns, and
some attacks that are detected as normal may leave the
whole system vulnerable. Some of the features may
be redundant or of low importance during the detection
process. This paper utilizes a procedure for analyzing
the attack features and developing rules by combining
signature analysis with automated techniques to
improve readability, comprehensibility, and maintainability
of rules. We apply one of the efficient data
mining algorithms, called random forests, to network
intrusion detection. Empirical results prove that the
proposed method can achieve high accuracy in detecting
unauthorized-access attacks such as the
warezmaster attack and the buffer overflow attack.