Pattern Based Network Security Using Semi-supervised Learning

Network security is becoming increasingly important in today’s internet-worked systems. With the development of internet, its use on public networks, the number and the severity of security threats has increased significantly. Intrusion Detection System can provide a layer of security to these systems. Intrusion Detection can be defined as "the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource”. More specifically, the goal of intrusion detection system is to identify entities who attempt to subvert in-place security controls. At present, two fundamental problems, quantity and quality of the outputs i.e. false alarms or alerts of IDS, have not been solved well. The pattern of attack changes frequently. Thus IDS should upgrade accordingly. The changes in patterns are mainly the manifestations of attack. Pattern based IDS provides very low false alarms as compare to heuristic/anomaly based IDS. In real world it is very difficult to have large labeled data for training. Supervised approach can't be used in this case. So in this work we propose a semi-supervised approach for pattern based IDS. Our approach uses supervised algorithm as a black box and then filters the unlabelled data with predicted label for training the system. The experimentation is performed on KDD CUP99 dataset and NSL KDD data which is revised KDD CUP 99 data.