ABSTRACT

In this chapter, we address hybrid intrusion detection techniques, which we categorize into three groups based on different combinational methods. We then analyze the ability of the hybrid methods to guide the design and development of these systems using results obtained by previous researchers. Furthermore, we investigate how to design and employ hybrid systems to raise the detection rate for known intrusions and decrease the false-positive rate for unknown attacks. Several intrusion detection system/machine-learning hybrids are demonstrated, and their abilities for intrusion detection are analyzed. The techniques we explore in this chapter are artificial neural network, association rules, random forest classifiers, and other machine-learning algorithms. As hybrid systems are normally generated based on the existing anomaly and misuse detection systems, we do not analyze the mechanism of machine-learning methods and their applications in intrusion detection. For that information, please refer to Chapters 3 and 4.