1 Production Engineering and Metallurgy Department University of Technology, Baghdad, Iraq

2 Department of Computer Science, University of Technology, Baghdad, Iraq


Network intrusion detection system (NIDS) is a software system which plays an important role to protect network system and can be used to monitor network activities to detect different kinds of attacks from normal behavior in network traffics. A false alarm is one of the most identified problems in relation to the intrusion detection system which can be a limiting factor for the performance and accuracy of the intrusion detection system. The proposed system involves mining techniques at two sequential levels, which are: at the first level Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. The second level is the multinomial logistic regression algorithm of which is used to classify abnormal activity into main four attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 dataset of the intrusion detection system was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved with less false alarm rate


[1] Y. R. Mukund, S. S. Nayak and K. Chandrasekaran, “Improving false alarm rate in intrusion detection systems using Hadoop,” Conf. on Advance in Computing, Communications and Informatics (ICACCI), India, Jaipur, sept.21-24, 2016.
[2] N. Gupta, K. Srivastava and A. Sharma, “Reducing false positive in intrusion detection system,” (IJCSIT) Int. Journal of Computer Science and Info. Technologies, vol.7 (3)1600-1603, ISSN: 0975-9646, 2016.
[3] J. A. Khan and N. Jain, “A survey on intrusion detection systems and classification techniques,” IJSRSET, vol 2, Issue 5, print ISSN: 2395-1990, online ISSN: 2394-4099, 2016.
[4] S. Singh and M. Bansal, “Improvement of intrusion detection system in data mining using neural network,” Int. journal of Advanced Research in Computer Science and software Eng., vol 3, ISSN: 2277 128X, Issue 9, 2013.
[5] A. Islam and M. Islam, “A novel signature based traffic classification engine reduce false alarms in intrusion detection systems,” Int. Journal of Computer Networks and Communications (IJCNC) , vol 7, No.1, 2015.
[6] B. B Gupta, R. C. Joshi and M. Misra, “Estimating strength of DDos attack using various regression models,” Int. Journal of Multimedia Intelligence and security, vol 1, No. 4, 2010.
[7] J. Soni and D. Xaxa, “An improved naïve bayes classifier for intrusion detection system,” (IJIACS) Int. Journal of Innovations and advancement in computer science, Vol 5, ISSN: 2347-8616, Issue 6, 2016.
[8] G. Keerthika and D. S. Priya, “Feature subset evaluation and classification using naïve Bayes classifier,” (JNCET) Journal of Network Communications and Emerging Technologies, vol 1, Issue 1, 2015.
[9] D. Gupta, S. Singhal, S. Malik and A. Singh, “Network intrusion detection system using various data mining techniques,” Int. conf. on Research advances integrated navigation system (RAINS-2016), 2016.
[10] M. C. Belavagi and B. Muniyal, “Performance evaluation of supervised machine learning algorithms for intrusion detection,” (IMCIP) Int. Multi-conf. on Information Processing-2016, Elsevier, vol 89, pages 117-123, 2016.
[11] C. Manju, “Performance evaluation of intrusion detection system using classification algorithms,” Int. Journal of Innovative Research in Science, Eng. and Tech., vol 6, ISSN (online): 2319-8753, ISSN (print): 2347-6710, , Issue 7, July 2017.Available:
[12] M. K. Siddiqui and Sh. Naahid, “Analysis of Kdd cup 99 dataset using clustering based data mining,” Int. Journal of database theory and application, vol.6, pp.23-34, No.5, 2013.
[13] I. A. Abdulminem and S. H. Hashim, “A proposal to detect computer worms (malicious codes) using data mining classification algorithms,” Eng. and Tech. Journal, Vol 31, No 2, 2013.
[14] V. D. Katkav and D. S. Bhatia, “Lightweight approach for detection of denial of service attacks using numeric to binary preprocessing,”(CSCITA) Int. Conf. on Circuits, Systems, Communication and Info. Tech. Application, 2014.
[15] K. Goeschel, “Reducing false positives in intrusion detection systems using data-mining techniques utilizing support vector machines, decision trees and naïve Bayes for off-line analysis,” Int. Conf. on 30 March-3 April 2016, USA, 7506774, July 2016.
[16] S. M. Shareef and S. H. Hashim, “Intrusion detection system based on data mining techniques to reduce false alarm rate,” Eng. and Tech. Journal, Vol. 36, Part B, No. 2, 2018.
[17] Y. Wahba, E. Elsalamouny and G. El Taweel, May, “Improving the performance of multi-class intrusion detection systems using features reduction,” (IJCSI) Int. Journal of computer science Issues, Vol 12, Issue 3, ISSN (print):1694-0814, ISSN (online):1694-0784, 2015. Available: