UUM Electronic Theses and Dissertation
UUM ETD | Universiti Utara Malaysian Electronic Theses and Dissertation
FAQs | Feedback | Search Tips | Sitemap

Hybrid intelligent approach for network intrusion detection

Al-Mohammed, Wael Hasan Ali (2015) Hybrid intelligent approach for network intrusion detection. Masters thesis, Universiti Utara Malaysia.

[thumbnail of s814522.pdf]

Download (1MB) | Preview
[thumbnail of s814522_abstract.pdf]

Download (1MB) | Preview


In recent years, computer networks are broadly used, and they have become very complicated. A lot of sensitive information passes through various kinds of computer devices, ranging from minicomputers to servers and mobile devices. These occurring changes have led to draw the conclusion that the number of attacks on important information over the network systems is increasing with every year. Intrusion is the
main threat to the network. It is defined as a series of activities aimed for exposing the
security of network systems in terms of confidentiality, integrity and availability, as a result; intrusion detection is extremely important as a part of the defense. Hence, there
must be substantial improvement in network intrusion detection techniques and systems. Due to the prevailing limitations of finding novel attacks, high false detection, and accuracy in previous intrusion detection approaches, this study has proposed a hybrid intelligent approach for network intrusion detection based on k-means clustering algorithm and support vector machine classification algorithm. The aim of this study is to reduce the rate of false alarm and also to improve the detection rate, comparing with the existing intrusion detection approaches. In the present study, NSL-KDD intrusion dataset has been used for training and testing the proposed approach. In order to improve classification performance, some steps have been taken beforehand. The first
one is about unifying the types and filtering the dataset by data transformation. Then, a
features selection algorithm is applied to remove irrelevant and noisy features for the
purpose of intrusion. Feature selection has decreased the features from 41 to 21 features
for intrusion detection and later normalization method is employed to perform and reduce the differences among the data. Clustering is the last step of processing before classification has been performed, using k-means algorithm. Under the purpose of classification, support vector machine have been used. After training and testing the proposed hybrid intelligent approach, the results of performance evaluation have shown that the proposed network intrusion detection has achieved high accuracy and low false detection rate. The accuracy is 96.025 percent and the false alarm is 3.715 percent.

Item Type: Thesis (Masters)
Supervisor : Mohammad Tahir, Hatim
Item ID: 4520
Uncontrolled Keywords: Network Intrusion Detection, Hybrid Intelligent Approach, Network Attacks, Clustering, Classification, NSL-KDD intrusion dataset, K-Means algorithm, Support Vector Machine algorithm
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Awang Had Salleh Graduate School of Arts & Sciences
Date Deposited: 10 May 2015 03:13
Last Modified: 18 Mar 2021 03:30
Department: College of Arts and Sciences
Name: Mohammad Tahir, Hatim
URI: https://etd.uum.edu.my/id/eprint/4520

Actions (login required)

View Item
View Item