INTELLIGENT NETWORK-MISUSE-DETECTION-SYSTEM USING NEUROTREE CLASSIFIER

Intrusion detection systems (IDSs) are designed to distinguish normal and intrusive activities. A critical part of the IDS design depends on the selection of informative features and the appropriate machine learning technique. In this paper, we investigated the problem of IDS from these two perspectives and constructed a misuse based neurotree classifier capable of detecting anomalies in networks. The major implications of this paper are a) Employing weighted sum genetic feature extraction process which provides better discrimination ability for detecting anomalies in network traffic; b) Realizing the system as a rule-based model using an ensemble efficient machine learning technique, neurotree which possesses better comprehensibility and generalization ability; c) Utilizing an activation function which is targeted at minimizing the error rates in the learning algorithm. An extensive experimental evaluation on a database containing normal and anomaly traffic patterns shows that the proposed scheme with the selected features and the chosen classifier is a state-of-the-art IDS that outperforms previous IDS methods.