Abstract
The widespread growth in the use of networks, and the reliance on them by institutions such as ministries of defense, intelligence agencies, banks, and universities, which depend heavily on the services those networks provide, has raised many challenges and led to the emergence of a new class of security systems known as "Intrusion Detection Systems". The current study aims at detecting both known and unknown attacks, as well as classifying the known ones. A network intrusion detection system is developed using the Ant-Miner algorithm, a Swarm Intelligence technique that imitates the behavior of ants in their natural environment. It is used to examine the training data and derive the basic classification, which then helps classify the attacks in the test data. The KDD Cup 1999 dataset, which is used for constructing and evaluating intrusion detection systems, includes a training dataset of 494021 records and a testing dataset of 311029 records. Experiments are conducted on the system using these datasets and the complete tests. The results show that the detection rate using the SOM is 92.37% with a false alarm rate of 4.67%, and that the classification rates using the Ant-Miner algorithm are: DOS (Denial of Service) 96.15%, U2R (User to Root) 97.13%, Normal 94.50%, Probe 72.90%, R2L (Remote to Local) 13.88%. These results show the effectiveness of the SOM and Ant-Miner algorithms in the field of network security.