Host-Based Intrusion Detection and Prevention System based on Machine Learning Algorithms

Abstract

An intrusion detection system gathers, analyzes packets and generates an alert which reports the security violations to the system analyst. Host-based Intrusion Detection and Prevention System (HIDPS) track intrusions from the host side and works for intrusion detection and prevention. IDS face many challenges regarding performance accuracy, speedup and time consumption. Due to the complexity of the network, more numbers of alerts are generated which becomes unmanageable by the system analyst. Network Intrusion Detection often faces challenges in constructing classifiers that could handle the distribution of attack categories in KDDCup 99 datasets.  In the implementation of HIDPS, there are different techniques used. The main aim of this paper exhibits a mechanism for HIDPS. This paper also computes the algorithmic complexity of various techniques used by the Host-based Intrusion Detection System. The time complexity is calculated to show the run time taken by each algorithm and space complexity concentrates on the space and the auxiliary space taken by the intrusion detection process while executing. Review on different host-based intrusion detection techniques is made and comparisons between these methods are done based on the Space complexity and the time complexity. The results can be utilized to select apt IDS for the required application.