Faculty of Information Technology holds a lecture titled: “Multi-classifier systems for network anomaly detection and features selection”
On 22 February 2011, the Faculty of Information Technology holds a lecture titled: "Multi-classifier systems for network anomaly detection and features selection," delivered by Dr. Mahmoud Jazzar from the Computer Science Dept. at BZU.
Due to the irrelevant patterns and noise in network data, most network intrusion detection sensors suffer from the false alerts they produce. This condition gets worse when deploying intrusion detection measures in real-time environments. In addition, most existing IDS sensors consider all network packet features. Using all packet features for network intrusion detection will result in a lengthy and contaminated intrusion detection process. In this study, we present a new multi-classifier system process for intrusion detection, and we highlight the necessity of using important features in various anomaly detection cases. The basic idea is to quantify the causal inference relation to attack and attack-free data to determine the attack detection and the severity of odd packets. Initially, we refine the data patterns and attributes to classify the training data, and then we use the SOM clustering method and the fuzzy cognitive maps diagnosis to replicate attacks and normal network connections. The experimental results show that the classifiers give a better representation of normal and attack connections using significant features. A demo of applying the data engine (classifiers) at enterprise-level security is also provided.