Abstract:
A significant security problem for networked systems is hostile trespass by users or software. The intruder is one of the most publicized threats to security. In fact, most current systems are weak at detecting novel attacks without generating false alarms. This study proposes a solution to these limitations through a data mining-based Network Intrusion Detection System (NIDS). The proposed framework combines misuse and anomaly detection techniques using data mining approaches such as decision trees (the C5.0 algorithm) and distance-based clustering (the Two-steps algorithm). As a case study, the proposed framework is implemented on the CCSIT (College of Computer Science and Information Technology) network at Sudan University of Science and Technology (SUST), which clearly shows its applicability and effectiveness. The derived experimental results confirm that using data mining approaches for both misuse and anomaly detection holds great promise in the network security context.