Effective Intrusion Detection System using Data Mining Technique

Network Security has become the key foundation with the tremendous increase in usage of network-based services and information sharing on networks. Intrusion poses a serious risk to the network security and compromise integrity, confidentiality & availability of the computer and network resources. Intrusion Detection System (IDS) is one of the looms to detect attacks and anomalies in the network. Data mining technique has been widely applied in the network intrusion detection system by extracting useful knowledge from large number of network data. In this paper a hybrid model is proposed to maximize the effectiveness in identifying attacks that integrates Anomaly based Intrusion detection technique with Signature based Intrusion detection technique is divided into two stages. In first stage, the network traffic anomaly detection (NETAD) which is anomaly based IDS is combined with the signature based IDS SNORT which is an open-source project. In second stage, Entropy for network features is used for feature reduction and data mining techniques “k-means + CART�, to cascade k-means clustering and CART (Classification and Regression Trees) for classifying normal and abnormal activities. The hybrid IDS model is evaluated using KDD Cup Dataset.