A Combined Reasoning System For Knowledge Based Network Intrusion Detection
| dc.contributor.advisor | Meshesha, Dr. Million Meshesha | |
| dc.contributor.author | Assefa Adamu, Meseret | |
| dc.date.accessioned | 2018-11-09T14:25:13Z | |
| dc.date.accessioned | 2023-11-18T12:46:45Z | |
| dc.date.available | 2018-11-09T14:25:13Z | |
| dc.date.available | 2023-11-18T12:46:45Z | |
| dc.date.issued | 2016-06-05 | |
| dc.description.abstract | Nowadays, the Internet plays a vital role in incessant communication; its effectiveness however can diminish owing to effects called intrusions. Intrusion is an activity that adversely affects the targeted system. There are different ways of detecting and preventing intruders in the network. Knowledge Based System (KBS) is the widely used one with rule-based reasoning or case-based reasoning. In this study, a combination of rule based and case based reasoning for network intrusion detection is proposed. To this end, knowledge is extracted using data mining from sampled KDDcup‗99 intrusion data set. Both descriptive and predictive models are created using K-means clustering and JRip rule induction. Descriptive model is used to design case-based reasoning and predictive model to construct rule-based reasoning. The method of combination used is a conditional combination model, which has a controller in between RBR and CBR. The controller is developed by Java eclipse programming language. In the combined system, it is the RBR that first treat the new query for recommending a solution. Otherwise, the query is automatically forwarded to the CBR system where the case retrieval module identifies the most related solution using case similarity measure. The combination of rule-based and case-based reasoning methods has shown a substantial improvement with regards to performance over the individual reasoning methods. The combined system scores 93.33% overall performance and achieves 90.5% accuracy with an average Precision and Recall of 90% and 91% respectively. The user acceptance testing also resulted 88% this is a very good acceptance. This shows the system has registered a promising result to come up with an applicable system. But, further exploration has to be done to refine the knowledge base and boost the advantages of combining CBR with RBR. | en_US |
| dc.identifier.uri | http://etd.aau.edu.et/handle/12345678/14096 | |
| dc.language.iso | en | en_US |
| dc.publisher | Addis Ababa University | en_US |
| dc.subject | Intrusion detection, knowledge based system, combined Intrusion detection, combination of CBR and RBR, knowledge-based intrusion detection, combined reasoning system | en_US |
| dc.title | A Combined Reasoning System For Knowledge Based Network Intrusion Detection | en_US |
| dc.type | Thesis | en_US |