Integrated fuzzy GNP rule mining with distance-based classification for intrusion detection system

With the increased usage of Internet, network security attracts many researchers to propose various kinds of approaches. Data mining techniques are efficient to construct a reliable Intrusion Detection System. Classification is an essential task in data mining. In this paper, a new classification method is proposed to build an accurate and efficient classifier for intrusion detection. The new classification method utilizes the average distances of the new data to its closest neighbor points to classify it as normal or intrusion. Then, the distances of the data to the centroids of normal, misuse intrusion and anomaly intrusion is used to get the accurate class label of the data. In addition, this paper integrates Fuzzy GNP-based class association rule mining method to extract rules. Fuzzy GNP avoids the use of the domain knowledge and solves the continuous attributes efficiently. On the basis of the extracted rules, the multi-feature space is projected into a two-dimensional average matching degree space. The benchmark data KDD Cup 1999 and NSL-KDD are used to evaluate the performance of the proposed method.