Bayesian Classification Model for Network Intrusion Detection Using Clustering Analysis

Abstract

In order to construct an IDS that is both computationally effective and efficient, the goal of this work is to pinpoint significant decreased input characteristics. For this, we use information gain, gain ratio, and correlation-based feature selection to examine the effectiveness of three common feature selection techniques. NSL KDD dataset to identify assaults on the four attack types: Probe (information gathering), DoS (denial of service), U2R (user to root), and R2L (remote to local). The signatures of known attacks are often kept in a regularly updated database. It must be educated for new attacks before it can detect them. The goal of anomaly detection is to spot behavior that deviates from the usual. This method revolves around the recognition of unusual traffic patterns. Two methods are frequently used for feature reduction. A Wrapper assesses the value of features using the intended learning method itself, whereas a filter does so using heuristics based on the overall properties of the data.