Intrusion Detection System using Ripple Down Rule learner and Genetic Algorithm

Intrusion detection system is used to identify anomalous packets in network. It can also identify unauthorized, malicious activity and malicious code in network. Currently, differnet apporaches of network intrusion detection systems are proposed by researchers. The classification based techniques has some issues such as model overfitting and classification evaluation. The challenging task in intrusion detection is to reduce the false positives and increase classification accuracy. The rule based techniques are simple, advanced and help to reduce the false positives. The rule-based intrusion detection systems and their performances mainly depend on the rule sets. But rules formation becomes a tedious and time consuming task due to the enormous amount of network traffic. In this paper, a novel architecture for intrusion detection system is presented which we call as RDRID. The RDRID is simple and advanved rule based intrusion detection system that reduce false positives and increase classification accuracy. In our implementation, we make use of Ripple Down Rule learner as classifier with Genetic Algorithm based features selection. The Genetic Algorithm is used to select the relevant features from training dataset. The performance of the proposed technique is evaluated in terms of classification accuracy, model building time and False Positive rates. The experimental results show that the proposed approach outperforms existing standard classifier. Keywords—Ripple Down Rule, Genetic Algorithm, False Positive rate, Accuracy, Classification