An Efficient Data Mining Technique for an Intrusion Detection System in Network

Santosh Kumar Das, Sagar Samal, Priya Ranjan, Shom Prasad Das
Copyright: © 2023 |Pages: 17
DOI: 10.4018/978-1-6684-7343-6.ch001
Abstract

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activities and issues alerts when such activities are discovered. If an intruder is able to exploit any kind of vulnerability, he or she can steal, modify, or delete a person's personal data. The primary function of an IDS is anomaly detection and reporting, but a few intrusion detection systems are also capable of taking action when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious IP addresses. The continued ability to detect malicious network intrusions has become an exercise in scalability, in which data mining techniques are playing an increasingly important role. The objective of this chapter is to simulate an IDS using a data mining technique on public and private datasets of several kinds: virtualized, synthesized, and realistic.

Introduction

In the last few decades, the applications of wireless networks have increased rapidly due to their various autonomous and efficient facilities (Bosch et al., 2020). A wireless network is a data communication system among multiple nodes. It is a method by which a house, an organization, or any system can avoid the costlier wired connections throughout its buildings. Because it is wireless, there is no transmission medium between nodes other than air. It is implemented at the physical layer of the Open Systems Interconnection (OSI) model. Examples of wireless networks include cell phone networks, Wireless Local Area Networks (WLANs) (Raschellà et al., 2020), Wireless Sensor Networks (WSNs) (Das et al., 2013; Das et al., 2014; De et al., 2020), Wireless Ad-hoc Networks (WANETs) (Das & Tripathi, 2019; Das & Tripathi, 2018; Das & Tripathi, 2018; Das & Tripathi, 2017; Das et al., 2020), satellite communication networks, terrestrial microwave networks, etc. Several components of a wireless network help to achieve this goal, such as user devices, radio Network Interface Cards (NICs), Access Points (APs), routers, repeaters, antennae, etc. Wireless networks have many applications, in vehicles, emergency services, business, replacement of wired networks, location-dependent services, entertainment, education, etc. Wireless networks also have several limitations compared to wired networks: file-sharing transfer speeds are normally slower, setting up a wireless network is often difficult for inexperienced people, and overall speed is lower than that of wired communication. There are also vulnerabilities that an intruder can exploit to cause harm, which is simply known as an intrusion, such as weak passwords, denial of service, insecure hosts, weak firewalls, no gateway protection, and neglected security software maintenance.

An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered (Mahdavi et al., 2020; Krzysztoń & Marks, 2020). It is a software application that scans a network or a system for harmful activity or policy breaches. Any malicious venture or violation is normally reported either to an administrator or collected centrally using a Security Information and Event Management (SIEM) system. A SIEM system integrates outputs from multiple sources and uses alarm filtering techniques to differentiate malicious activity from false alarms.

Although intrusion detection systems monitor networks for potentially malicious activity, they are also prone to false alarms. Hence, organizations need to fine-tune their IDS products when they first install them. This means properly setting up the intrusion detection system to recognize what normal traffic on the network looks like as compared to malicious activity. Intrusion prevention systems also monitor packets inbound to the system for malicious activity and send warning notifications at once.

The rest of the paper is organized as follows. Section 2 highlights some existing work related to some routing techniques. Section 3 presents the basic preliminaries. Section 4 gives the details of the main proposed method. Section 5 presents the simulation analysis. Finally, Section 6 concludes the paper.
