Self Configuring Intrusion Detection System

With the rapid expansion of computer networks during the past few years, security has become a crucial issue for modern computer systems. A good way to identify malicious use is through monitoring unusual user activity. To identify these malicious activities various data-mining and machine learning techniques have been deployed for intrusion detection. The manual tuning process required by current systems depends on the system operators in working out the tuning solution and in integrating it into the detection model. This paper proposes Self Configuring Intrusion Detection System (SCIDS) to make tuning automatically. The key idea is to use the binary SLIPPER as a basic module, which is a rule learner based on confidence-rated boosting. This system is evaluated using the NSL KDD intrusion detection dataset. An experimental result shows the SCIDS system with SLIPPER algorithm gives better performance in terms of detection rate, false alarm rate, total misclassification cost and cost per example on NSL-KDD dataset than that of on KDD.