Improved Performance of Network Attack Detection using Combination Data Mining Techniques

Network Attack detection is very important mechanism for detecting attack in computer networks. Data mining techniques play very important role in detecting intrusions in computer networks. Intrusions can damage to the data and compromise integrity and confidentiality and availability of the data. Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify network attack. Network security is to be considered as a major issue in recent years, since the computer network keeps on expanding every day. A Network Attack Detection System (NADS) is a system for detecting intrusions and reporting to the authority or to the network administration. Data mining techniques have been applied in many fields like Network Management, Education, Science, Business, Manufacturing, Process control, and Fraud Detection. Data mining algorithms like J48, Randam Forest ,Random Tree, Hoefding Tree and Rep Tree are used to build intrusion detection models using KDD CUP 1999. The performance of network attack detection model is evaluated using KDD CUP 1999 test dataset using series of experiments and measured using correct classi?cation and detection of attack. The combination of data mining algorithm will increase performance of network attack detection i.e false positive and false negative, novel or unknown attacks

Anomaly Internet Network Traffic Detection by Kernel Principle Component Classifier

As a crucial issue in computer network security, anomaly detection is receiving more and more attention from both application and theoretical point of view. In this paper, a novel anomaly detection scheme is proposed. It can detect anomaly network traffic which has extreme large value on some original feature by the major component, or does not follow the correlation structure of normal traffic by the minor component. By introducing kernel trick, the nonlinearity of network traffic can be well addressed. To save the processing time, a simplified version is also proposed, where only major component is adopted. Experimental results validate the effectiveness of the proposed scheme