A New Host-Based Hybrid IDS Architecture - A Mind Of Its Own: The Know-how Of Host-Based Hybrid Intrusion Detection System Architecture Using Machine Learning Algorithms With Feature Selection

In a world where our every day life depends on what is going on in the gap between stimulus and reaction, Intruders could make the decision for you. Unless they are detected on time! Network security has been an issue since computers have been networked together. Lots of vulnerabilities, risks and threats came to the scene. An important security product that has emerged is Intrusion Detection Systems (IDS). The author proposes a new Host-Based Hybrid Intrusion Detection System. The Intrusion Detection Analyzer Module consists of two analyzers that work in a hybrid architecture: Anomaly Detection Analyzer and Misuse Detection Analyzer. This way, the Anomaly Detection Analyzer is trained with attack-free session data and normal behaviour is learnt so it raises an alarm when it detects a deviation from this normal behaviour. Self Organizing Map, an unsupervised machine learning algorithm, is used. The Misuse Detection Analyzer uses a C4.5 Decision Tree. Finally, Decision Making Module decides whether the session is normal or an attack. The proposed hybrid architecture works very accurately. It is an essential book. Any professional can benefit from such a lecture.