Machine Learning Techniques for Intrusion Detection
This addresses the need for more adaptive IDS to protect computer networks from malicious activities, but it appears incremental as it reviews and compares existing methods.
The paper tackles the problem of improving intrusion detection systems (IDS) by studying machine learning techniques to handle dynamic cyber attacks, resulting in higher detection rates and lower false alarm rates.
An Intrusion Detection System (IDS) is a software that monitors a single or a network of computers for malicious activities (attacks) that are aimed at stealing or censoring information or corrupting network protocols. Most techniques used in today's IDS are not able to deal with the dynamic and complex nature of cyber attacks on computer networks. Hence, efficient adaptive methods like various techniques of machine learning can result in higher detection rates, lower false alarm rates and reasonable computation and communication costs. In this paper, we study several such schemes and compare their performance. We divide the schemes into methods based on classical artificial intelligence (AI) and methods based on computational intelligence (CI). We explain how various characteristics of CI techniques can be used to build efficient IDS.