Intrusion Detection System Using Hybrid Approach (Clustering and Classification)

Now a day’s security is the primary concerned in the field of computer science. Intrusion detection system provides stronger security services with the help of rules. Intrusion Detection System (IDS) has recently emerged as an important component for enhancing information system security. However, constructing and maintaining a misuse intrusion detection system for a network is labor– intensive, since attack scenarios and patterns need to be analyzed and categorized. Moreover, the rules corresponding to the scenarios and patterns need to be carefully hand-coded. In such situations, data mining can be used to ease this inconvenience. All most all-existing intrusion detection systems focus on attacks at low-level, and only produced isolated alerts. It is known that existing IDS can’t find any type of logical relations among alerts. This research proposes an intrusion detection system that uses a combination of classification and clustering algorithms to detect intrusions. Basically this model work on misuse and anomaly detection mode, it will use an approach to extract features from arriving data packets and will apply the algorithm to get the rule for match normal and abnormal behavior. The main advantage of this approach is that the system can be trained with unlabeled data and is capable of detecting previously “unseen� attacks.