K‐Means Clustering and Random Forest Based Hybrid Intrusion Detection Algorithm
| dc.contributor.advisor | Yonas, Yehualashet (Mr.) | |
| dc.contributor.author | Meseret, Kebede | |
| dc.date.accessioned | 2018-09-24T04:42:29Z | |
| dc.date.accessioned | 2023-11-04T15:14:38Z | |
| dc.date.available | 2018-09-24T04:42:29Z | |
| dc.date.available | 2023-11-04T15:14:38Z | |
| dc.date.issued | 2017-12 | |
| dc.description.abstract | The rapid growth of computers transformed the way in which information and data was stored and transmitted. With this new paradigm of data access, comes the threat of this information being exposed to unauthorized and unintended users. Because of this the integrity, confidentiality, and availability of data in a network become the most challenging issue. Many systems have been developed which scrutinize the data for deviation from the normal behavior or search for a known signature within the data. These systems are termed as Intrusion Detection Systems (IDS). IDSs employ different techniques varying from statistical methods to machine learning algorithms. This paper evaluates the performance of different intrusion detection algorithms using KDD’99 dataset and explores if certain algorithms perform better for certain attack classes and consequently, if a multi-expert classifier design can deliver desired performance measure. The algorithms detection performance is compared by using Detection Rate (DR) and False Alarm Rate (FAR) evaluation metrics. The experiment performed shows that those algorithms did in fact have different detection performance for different attack types and no single algorithm exceeds in detecting all attack types. Based on this evaluation results, best algorithms for each attack category is chosen and an optimized hybrid algorithm called K-Means Clustering and Random Forest Based Hybrid Intrusion Detection Algorithm (KRHA) is proposed. The proposed algorithm classifies DoS, Probe, U2R and R2L attacks with 99.12%, 99.06 %, 89.79% and 78.63% accuracy respectively. This is an improvement from Fuzzy Logic which has high detection rate for probe with 98.51% and Random Forest for U2R with 85.6% and K-means clustering algorithm for R2L with 72.04% detection rate. | en_US |
| dc.identifier.uri | http://etd.aau.edu.et/handle/123456789/12133 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | AAU | en_US |
| dc.subject | Intrusion Detection System | en_US |
| dc.subject | Data Mining, Machine Learning | en_US |
| dc.subject | Anomaly | en_US |
| dc.subject | Misuse | en_US |
| dc.subject | Clustering | en_US |
| dc.subject | Classification | en_US |
| dc.subject | KDD’99 Dataset | en_US |
| dc.subject | Hybrid | en_US |
| dc.subject | Detection Rate | en_US |
| dc.subject | Detection Rate | en_US |
| dc.title | K‐Means Clustering and Random Forest Based Hybrid Intrusion Detection Algorithm | en_US |
| dc.type | Thesis | en_US |