Modified parallel random forest for intrusion detection systems

Intrusion detection system (IDS) is one of the important elements for providing the security in networks. Increasing the number of network-based applications on the one hand and increasing the data volumes on the other hand forced the designers to conduct some research on the novel methods for improving network security. One of the recent efforts to improve IDS performance is developing the machine learning algorithms. Random forest is one of the powerful algorithms employed in data mining. It operates based on classifier fusion principles and is implemented as detection engine in some anomaly-based IDSs. In this paper, we present a novel parallel random forest algorithm for intrusion detection systems. The original random forest algorithm has some weaknesses in feature selection, selecting efficient numbers of classifiers, number of random features for training and also in combination steps. In this research we investigate aforementioned challenges and propose solutions for them. The simulation results show the superiority of our method regarding performance, scalability and cost of misclassified samples in our method in comparison with the original random forest algorithm and Hadoop-based version of the random forest.