Title: Enhancing Performance of Intrusion Detection System Against KDD99 Dataset Using Evidence Theory

Issue Number: Vol. 5, No. 2
Year of Publication: Jun - 2016
Page Numbers: 106-114
Authors: Vrushank Shah, A. K. Aggarwal
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF) - Hong Kong
DOI: http://dx.doi.org/10.17781/P002067


The rapid growth of the internet and its related technologies requires an efficient method to detect intrusions or attacks in the network. An intrusion detection system is a system that detects an attack and raises an alert for any abnormal situation. However, existing intrusion detectors produce a large number of false alerts, and it becomes difficult for a network administrator to cope with them. To overcome this situation and to increase the detection rate of the intrusion detection system, we propose a method to fuse alerts from multiple intrusion detection systems using evidence theory. Evidence theory is a mathematical theory of evidence that fuses evidence from multiple sources and outputs a global decision. The work in this paper discusses the limitations and issues of evidence theory and proposes a modified framework for the fusion of multiple intrusion detection systems.
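The abstract describes fusing alerts from several intrusion detection systems with evidence theory. The following Python block is an added illustration, not code from the paper: it implements the classical fusion operator of evidence theory, Dempster's rule of combination, over a constructed frame of verdicts (dos, probe, normal) and two constructed sensors' basic probability assignments, then derives belief and plausibility for the composite hypothesis "attack". The second scenario reproduces a well-known limitation of the rule, which is the kind of issue the abstract says the paper addresses: when two sensors almost totally contradict each other, the normalisation hands all the mass to a hypothesis neither sensor really believed. The paper's own modified framework is not reproduced on this page, so nothing here stands in for it; the sensor names, mass values and alert threshold are all assumptions made for the example.

```python
from itertools import product
from math import isclose
from typing import Dict, FrozenSet, List, Tuple

# Frame of discernment: the possible verdicts on one network connection.
# The class names are constructed for this example (they echo KDD99-style
# categories but carry no data from the paper).
DOS = frozenset({"dos"})
PROBE = frozenset({"probe"})
NORMAL = frozenset({"normal"})
ATTACK = DOS | PROBE                # "some attack", without saying which
THETA = ATTACK | NORMAL             # total ignorance: any verdict is possible

Mass = Dict[FrozenSet[str], float]


def validate(m: Mass) -> None:
    """A basic probability assignment: inside the frame, no mass on the empty set,
    non-negative, summing to 1."""
    if any(not h or h - THETA for h in m):
        raise ValueError("hypothesis is empty or outside the frame")
    if any(v < 0 for v in m.values()) or not isclose(sum(m.values()), 1.0, abs_tol=1e-9):
        raise ValueError("masses must be non-negative and sum to 1")


def combine(m1: Mass, m2: Mass) -> Tuple[Mass, float]:
    """Dempster's rule: m(A) = sum over B∩C=A of m1(B)*m2(C) / (1 - K), where K is
    the mass landing on contradictory pairs (B∩C empty). Returns (fused, K)."""
    validate(m1)
    validate(m2)
    fused: Mass = {}
    conflict = 0.0
    for (b, mb), (c, mc) in product(m1.items(), m2.items()):
        weight = mb * mc
        common = b & c
        if common:
            fused[common] = fused.get(common, 0.0) + weight
        else:
            conflict += weight
    if isclose(conflict, 1.0, abs_tol=1e-12):
        raise ValueError("sources are totally contradictory; Dempster's rule is undefined")
    return {h: v / (1.0 - conflict) for h, v in fused.items()}, conflict


def fuse(sources: List[Mass]) -> Tuple[Mass, float]:
    """Fold several sensors' assignments together; report the largest conflict seen,
    since a high K is the signal that the fused result should not be trusted blindly."""
    fused, worst = sources[0], 0.0
    for m in sources[1:]:
        fused, k = combine(fused, m)
        worst = max(worst, k)
    return fused, worst


def belief(m: Mass, a: FrozenSet[str]) -> float:
    """Mass that entails A (every focal element contained in A)."""
    return sum(v for h, v in m.items() if h <= a)


def plausibility(m: Mass, a: FrozenSet[str]) -> float:
    """Mass that does not contradict A (every focal element overlapping A)."""
    return sum(v for h, v in m.items() if h & a)


def raise_alert(m: Mass, threshold: float = 0.8) -> bool:
    """Constructed decision policy: alert only when fused belief in 'attack' reaches
    the threshold, so a single noisy sensor cannot trigger an alert on its own."""
    return belief(m, ATTACK) >= threshold


# Scenario 1 (constructed): a signature sensor is fairly sure of a DoS, an anomaly
# sensor only sees "an attack of some kind"; both keep some mass on ignorance.
SIGNATURE_SENSOR: Mass = {DOS: 0.7, NORMAL: 0.1, THETA: 0.2}
ANOMALY_SENSOR: Mass = {ATTACK: 0.6, NORMAL: 0.2, THETA: 0.2}

# Scenario 2 (constructed, Zadeh-style): two sensors that flatly contradict each
# other and agree only on a hypothesis neither of them really believes.
CONFIDENT_DOS: Mass = {DOS: 0.99, PROBE: 0.01}
CONFIDENT_NORMAL: Mass = {NORMAL: 0.99, PROBE: 0.01}


def agreeing_case() -> Tuple[Mass, float]:
    return fuse([SIGNATURE_SENSOR, ANOMALY_SENSOR])


def conflicting_case() -> Tuple[Mass, float]:
    return fuse([CONFIDENT_DOS, CONFIDENT_NORMAL])


if __name__ == "__main__":
    for name, (m, k) in (("agreeing", agreeing_case()), ("conflicting", conflicting_case())):
        print(f"{name}: K={k:.4f} bel(attack)={belief(m, ATTACK):.3f} "
              f"pl(attack)={plausibility(m, ATTACK):.3f} alert={raise_alert(m)}")
        for h, v in sorted(m.items(), key=lambda hv: -hv[1]):
            print(f"  m({'|'.join(sorted(h))}) = {v:.4f}")
```

In the agreeing case the conflict K is 0.20 and the fused belief in "attack" rises to 0.85, above either sensor alone, which is the detection-rate gain the abstract is after. In the conflicting case K is 0.9999 and all remaining mass is renormalised onto "probe", so an alert fires even though one sensor was 99% sure the connection was normal; a practical fusion layer should therefore report K alongside the decision and treat a high value as a reason to withhold or downgrade the alert rather than trust the normalised result.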