Optimized Packet Filtering Honeypot with Snooping Agents in Intrusion Detection System for WLAN

2018, Vol 12 (1), pp. 53-62
Author(s): Gulshan Kumar, Rahul Saha, Mandeep Singh, Mritunjay Kumar Rai

Wireless LANs are considered a widely used and efficient infrastructure in different domains of communication. In this paper, we work on a Network Intrusion Detection System (NIDS) that prevents intruder activity by using snooping agents and a honeypot on the network. The idea behind using snooping agents and a honeypot is to provide network management in terms of monitoring. The honeypot is placed just after the firewall, and the intrusion system is strongly coupled and synchronized with the snooping agents. Monitoring is performed at the packet level and the pattern level of the traffic. The simulation filters and monitors traffic to highlight intrusions in the network. Further, an attack sequence is created, and its effects are shown on a scenario that has both the honeypot and the snooping agents, using network performance parameters such as throughput, network load, queuing delay, retransmission attempt and packet. The simulation scenario shows the impact of the attack on network performance.

2020, Vol 38 (1B), pp. 6-14
Author(s): Sarah M. Shareef, Soukaena H. Hashim

A network intrusion detection system (NIDS) is a software system that plays an important role in protecting a network and can be used to monitor network activity to distinguish different kinds of attacks from normal behavior in network traffic. False alarms are one of the most commonly identified problems with intrusion detection systems and can be a limiting factor for their performance and accuracy. The proposed system applies mining techniques at two sequential levels. At the first level, the Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. At the second level, the multinomial logistic regression algorithm is used to classify abnormal activity into the four main attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 intrusion detection dataset was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved, with a lower false alarm rate.

