Evaluation of Agent Based Host Intrusion Detection System (AHIDS) through Various Classification Techniques | Original Article

Aumreesh Kumar Saxena*, M. Arshad, Sitesh Sinha, in Anusandhan (RNTUJ-AN) | Multidisciplinary Academic Research


An intrusion detection system (IDS) is a necessary part of a system from a security point of view. IDSs come in both hardware and software forms. The primary job of an IDS is to recognize and differentiate between usual and unusual activity in the system and to report unusual activity as an intrusion. Unusual activity in systems is growing every year, so improvement of existing IDSs is always required. This paper presents two things: first, the concept of a new host-based IDS that uses an agent-based mechanism to find intrusions on a host, making it an agent-based host intrusion detection system (AHIDS); and second, the selection of a good classification technique for IDS. Selecting a good classification technique is necessary because it provides more accurate predictive analysis on large record sets, and an IDS uses such data sets to find intrusions. The proposed AHIDS uses three agents, PE, RA and DB, where PE is the packet capturing and extracting agent, RA is the rule agent and DB is the database agent. The agents work together: the PE agent passes data to the DB agent, and the RA agent collects data from the DB agent. To select a good classification technique, the proposed AHIDS compares five classification techniques: Naïve Bayes, K-nearest neighbors, SVM, J48, and Random Forest. The NSL-KDD data set is used to examine the results.