International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 49 - Number 10
Year of Publication: 2012
Authors: M. Moorthy, S. Sathiyabama
DOI: 10.5120/7663-0774
M. Moorthy, S. Sathiyabama. A Hybrid Data Mining based Intrusion Detection System for Wireless Local Area Networks. International Journal of Computer Applications. 49, 10 (July 2012), 19-28. DOI=10.5120/7663-0774
The exponential growth in wireless network faults, vulnerabilities, and attacks makes WLAN security management a challenging research area [29]. Data mining applied to intrusion detection is an active area of research. The main reason for using data mining techniques in intrusion detection systems is the enormous volume of existing and newly appearing network data that requires processing. Data mining follows anomaly-based intrusion detection. The drawback of anomaly-based intrusion detection in a wireless network is the high rate of false positives. This can be solved by designing a hybrid intrusion detection system that connects a misuse detection module to the anomaly detection module. In this paper, we propose to develop a hybrid intrusion detection system for wireless local area networks, based on fuzzy logic. In this hybrid intrusion detection system, anomaly detection is performed using the Bayesian network technique and misuse detection is performed using the Support Vector Machine (SVM) technique. The overall decision of the system is made by the fuzzy logic. For anomaly detection using the Bayesian network, each node has a monitoring agent and a classifier within it for its detection and a mobile agent for information collection. The anomaly is measured based on the naïve Bayesian technique. For misuse detection using SVM, all the data that lie within the hyperplane are considered to be normal, whereas the data that lie outside the hyperplane are considered to be intrusive. The outputs of both the anomaly detection and misuse detection modules are applied to the fuzzy decision rules to perform the final decision making. The hybrid detection system improves the detection performance by combining the advantages of misuse and anomaly detection [33].
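The decision stage described in the abstract, sketched as an added example that is not code from the paper: an anomaly score and a misuse score are fuzzified and combined by a rule table into one verdict. The score range of 0 to 1, the membership breakpoints, the rule table, the cut-offs and the sample events are all assumptions constructed for illustration.

```python
# Added example: fuzzy fusion of two detector scores in [0, 1].
# Membership breakpoints, rule table and cut-offs are assumptions.
LEVEL = {"normal": 0.0, "suspicious": 0.5, "intrusion": 1.0}
# (anomaly term, misuse term) -> verdict
RULES = {
    ("low", "low"): "normal", ("low", "medium"): "normal",
    ("low", "high"): "intrusion", ("medium", "low"): "normal",
    ("medium", "medium"): "suspicious", ("medium", "high"): "intrusion",
    ("high", "low"): "suspicious", ("high", "medium"): "intrusion",
    ("high", "high"): "intrusion",
}

def ramp_up(x, a, b):
    """0 below a, 1 above b, linear in between."""
    return min(1.0, max(0.0, (x - a) / (b - a)))

def fuzzify(score):
    """Degrees of membership in low / medium / high; they sum to 1."""
    high = ramp_up(score, 0.5, 0.8)
    low = 1.0 - ramp_up(score, 0.2, 0.5)
    return {"low": low, "medium": max(0.0, 1.0 - low - high), "high": high}

def decide(anomaly, misuse):
    """Fire every rule (AND = min), aggregate per verdict (max), defuzzify."""
    a, m = fuzzify(anomaly), fuzzify(misuse)
    strength = dict.fromkeys(LEVEL, 0.0)
    for (ta, tm), verdict in RULES.items():
        strength[verdict] = max(strength[verdict], min(a[ta], m[tm]))
    score = sum(LEVEL[v] * w for v, w in strength.items()) / sum(strength.values())
    label = "intrusion" if score >= 0.75 else "suspicious" if score >= 0.4 else "normal"
    return round(score, 3), label

# Constructed events: (description, anomaly score, misuse score)
EVENTS = [
    ("new but benign client behaviour", 0.9, 0.1),
    ("deviates and matches known pattern", 0.9, 0.9),
    ("ordinary traffic", 0.1, 0.1),
    ("known pattern, little deviation", 0.2, 0.95),
]

if __name__ == "__main__":
    for name, anomaly, misuse in EVENTS:
        alone = "intrusion" if anomaly >= 0.5 else "normal"  # anomaly-only
        print(f"{name:36} anomaly-only={alone:9} hybrid={decide(anomaly, misuse)}")
```

The first constructed event is the false-positive case the abstract targets: an anomaly-only threshold reports an intrusion, while the rule table downgrades it to suspicious because the misuse score is low.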