A Multi-Source Data Oriented Network Intrusion Detection Framework Based on Rough Set

Network Intrusion Detection System (IDS) plays an important role in defending against more and more network malicious attacks. As the structure of IDS is growing more and more complex, both the varieties and quantities of the network security devices in IDS are constantly growing, and the size of data that need to process in IDS is also growing rapidly. As a result, there is a need for a framework that can detect network attacks accurately and effectively, while can process multi-source data at the same time. In this paper, we propose a new multi-source data oriented framework based on Rough Set for network intrusion detection. The experimental results show the proposed framework reduces the false alarm rate and improves overall detection accuracy. Furthermore, practical applications show that the framework can handle a large size of data in a complex IDS.