Efficiency is one of the major issues in intrusion detection. Inefficiency is often attributed to high overhead, which has several causes, among them continuous detection and the use of the full feature set to look for intrusive patterns in network packets. The purposes of this paper are to address the issue of continuous detection by introducing a traffic monitoring mechanism, and to address the lengthy detection process by selectively choosing significant features to represent a network connection. For traffic monitoring, a new recognition paradigm is proposed that minimizes unnecessary recognition. The purpose of traffic monitoring is therefore twofold: to reduce the amount of data to be recognized and to avoid unnecessary recognition. Empirical results show that a 30 to 40 percent reduction of normal connections is achieved on the DARPA KDDCup 1999 datasets. Finally, we assembled an Adaptive Neural Fuzzy Inference System and Linear Genetic Programming to form an ensemble classifier. Classification results showed a small improvement using the ensemble approach for the DoS and R2L classes.