Intrusion Detection System (IDS) for Wireless Ad-hoc Networks using Evolution Identification on Streaming Network Data for Detecting Unknown Network Attacks

Over last few decades design of Network Intrusion Detection System (NIDS) has been a challenging problem faced by research community. Although various approaches have been proposed to design efficient NIDS the engineering challenges still remain. Detection of unknown network attacks is one such challenge. Growing convergence of networks aided by complexity and wide reach of networks is fueling emergence of new types of network attacks, which traditional NID systems are failing to detect. In this paper we present a NIDS design scheme that efficiently detects such new and unknown network attacks.  To address the problem unlike other approaches we assume continuous streamed network data. We then use cosine similarity on KDD99 labeled data set to build feature space. We then use ensemble of multi-classifiers to effectively classify known attacks and normal traffic. For detecting unknown attack we design a new algorithm using q-neighborhood silhouette coefficient for cohesion measurement and mean-square contingency coefficient for correlation measurement on outlier data.