Special Issue Published in International Journal of Trend in Research and Development (IJTRD), ISSN: 2394-9333, www.ijtrd.com National Conference on Prominent Challenges in Information Technology (PCIT) organized by Computer Science Technical Association (ComSTA), 8th Dec 2015 A Comparability Study of Intrusion Detection System using Data Mining Techniques K. Raja 1 , Dr. M. Lilly Florence 2 , and Dr. D. Swamydoss 3 Assistant Professor 1 , Professor 2 , Professor & HOD 3 Department of MCA, Adhiyamaan College of Engineering, Hosur, TamilNadu, India. ABSTRACT: The Main objective of this paper is to avoid the intrusion using data mining techniques with help of multi agents. Data mining is a discovery process that allows users to understand the substance of and the relationships between, their data. Data mining uncovers patterns and rends in the contents of this information. Intrusion detection systems have been used along with the data mining techniques to detect intrusions. In this work we aim to use data mining techniques including classification tree and support vector machines for intrusion detection. To meet the challenges of both efficient learning (mining) and real-time detection, we propose an agent based architecture for intrusion detection systems where the learning agents continuously compute and provide the updated (detection) models to the detection agents. Intrusion detection is therefore needed as another wall to protect computer systems. Keywords: Data Mining, Intrusion Detection System (IDS), Preprocessing, Decision Tree, Clustering Techniques, Intrusion Detection Technique. I. INTRODUCTION Intrusion detection can be defined as identifying individuals who are using a computer system without authorization and those who have legitimate access to the system but are abusing their privileges. Intrusion Detection system (IDS) prepare for and deal with attacks by collecting information from a variety of system and network sources, then analyzing the symptoms of security problems. A secure network must provide the following: Data confidentiality: Data that are being transferred through the network should be accessible only to those that have been properly authorized. Data integrity: Data should maintain their integrity from the moment they are transmitted to the moment they are actually received. No corruption or data loss is accepted either from random events or malicious activity. Data availability: The network should be resilient to Denial of Service attacks [1] . II. DATA MINING Data mining refers to extracting or “mining” knowledge from large amounts of data “Knowledge mining,” a shorter term, may not reflect the emphasis on mining from large amounts of data. Nevertheless, mining is a vivid term characterizing the process that finds a small set of precious nuggets from a great deal of raw material (Figure 1). Thus, such a misnomer that carries both “data” and “mining” became a popular choice. Many other terms carry a similar or slightly different meaning to data mining, such as knowledge mining from data, knowledge extraction, data/pattern analysis, data archaeology, and data dredging. Many people treat data mining as a synonym for another popularly used term, Knowledge Discovery from Data, or KDD. Alternatively, others view data mining as simply an essential step in the process of knowledge discovery. Figure 1: Data Mining Process Data mining or knowledge discovery in databases, as it is also known is the non-trivial extraction of implicit, previously unknown and potentially useful information from the data. This encompasses a number of technical approaches, such as clustering, data summarization, classification, finding dependency networks, analyzing changes, and detecting anomalies. III. INTRUSION DETECTION SYSTEM (IDS) An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts [3] . IV. PREPOCESSING Preprocessing is the data cleaning stage where unnecessary information is removed. For example, it is unnecessary to