Title :
Using classification techniques for creation of predictive intrusion detection model
Author :
Almutairi, Abdulrazaq ; Parish, David
Author_Institution :
Sch. of Electron., Electr. & Syst. Eng., Loughborough Univ., Loughborough, UK
Abstract :
Intrusion Detection Systems have been successful in preventing attacks on network resources, but the problem is that they are not adaptable in cases where new attacks are made, i.e. they need human intervention for investigating new attacks. This paper proposes the creation of a predictive intrusion detection model that is based on the usage of classification techniques such as decision tree and Bayesian techniques. The system is trained using 66% of randomly selected connections as a subset of the KDD'99 intrusion detection data set. The training model is created by a trained classifier and then used to classify the remaining 34% subset of the KDD'99 intrusion detection data set in order to report on the effectiveness of the model. The results show that, based on a selected set of features extracted using a subset evaluation algorithm for classifiers and a best-first search mechanism, the decision tree algorithm J48, based on C4.5, provides 99.95% correctly classified instances and is better than the Naïve Bayes technique. It was also found that false positives using Naïve Bayes are high for the Probing and Remote to Local attack categories. Finally, the all-classes-based training model creation strategy using the decision tree algorithm has been found effective.
Keywords :
Bayes methods; computer network security; decision trees; feature extraction; pattern classification; search problems; Bayesian techniques; KDD'99 intrusion detection data set; Naïve Bayes; best-first search mechanism; classification techniques; decision tree; decision tree algorithm J48; feature extraction; local attack categories; network resources; predictive intrusion detection model; Classification algorithms; Data models; Decision trees; Intrusion detection; Predictive models; Training; Bayes algorithm; Classification; Data mining; Decision tree; Intrusion detection; Snort;
Conference_Title :
Internet Technology and Secured Transactions (ICITST), 2014 9th International Conference for
Conference_Location :
London
DOI :
10.1109/ICITST.2014.7038810