Dual-stage intrusion detection for class imbalance scenarios

Cited by: 8
Authors
Panigrahi R. [1]
Borah S. [1]
Affiliation
[1] Sikkim Manipal University
Keywords
Compilation and indexing terms; Copyright 2024 Elsevier Inc;
DOI
10.1016/S1361-3723(19)30128-9
Abstract
In the early morning of 12 May 2017, WannaCry, a class of self-propagating malware, attacked the UK's National Health Service (NHS) hospital network [1]. It was estimated that a total of 50,000 NHS systems were affected [2]. WannaCry ransomware and other threats of this type are generally propagated through the Internet or networks. The lethal behaviour of these threats is visible once they start controlling the entire system. This is where the role of an intrusion detection system (IDS) comes into the picture. An effective IDS acts as a second line of defence and comes into action when a firewall fails to detect a threat. The deficiency of firewalls clearly indicates why IDS solutions are progressively more important in the context of hosts in a network of systems. An IDS encounters many challenges when trying to identify dangerous activity. One of these is the high class imbalance of the class labels. Classification and detection models based on high class imbalance datasets tend to be biased towards the classes having the majority of instances. Ranjit Panigrahi and Samarjeet Borah of Sikkim Manipal University propose a dual-stage intrusion detection framework that will remain stable even with such a high class imbalance dataset. © 2019 Elsevier Ltd
Pages: 12-19
Page count: 7
Related papers
28 in total
[1] Scaife N., Traynor P., Butler K., ‘Making sense of the ransomware mess (and planning a sensible path forward)’, IEEE Potentials, 36, 6, pp. 28-31, (2017)
[2] Chen Q., Bridges R.A., ‘Automated behavioral analysis of malware: A case study of Wannacry ransomware’, 16th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 454-460, (2017)
[3] Benkhelifa E., Welsh T., Hamouda W., ‘A critical review of practices and challenges in intrusion detection systems for IoT: toward universal and resilient systems’, IEEE Communications Surveys Tutorials, 20, 4, pp. 3496-3509, (2018)
[4] Jouad M., Diouani S., Houmani H., Zaki A., ‘Security challenges in intrusion detection’, International Conference on Cloud Technologies and Applications (CloudTech), pp. 1-11, (2015)
[5] Shroff K.P., Maheta H.H., ‘A comparative study of various feature selection techniques in high-dimensional data set to improve classification accuracy’, International Conference on Computer Communication and Informatics (ICCCI), pp. 1-6, (2015)
[6] Shakeel F., Sabhitha A.S., Sharma S., ‘Exploratory review on class imbalance problem: An overview’, 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1-8, (2018)
[7] Roffo G., Melzi S., Castellani U., Vinciarelli A., ‘Infinite latent feature selection: A probabilistic latent graph-based ranking approach’, In proceedings of the IEEE International Conference on Computer Vision, pp. 1398-1406, (2017)
[8] Perez J.M., Muguerza J., Arbelaitz O., Gurrutxaga I., Martin J.I., ‘Combining multiple class distribution modified sub-samples in a single tree’, Pattern Recognition Letters, 28, 4, pp. 414-422, (2007)
[9] Ibarguren I., Perez J.M., Muguerza J., Gurrutxaga I., Arbelaitz O., ‘Coverage-based resampling: Building robust consolidated decision trees’, Knowledge-Based Systems, 79, pp. 51-67, (2015)
[10] Adnan M.N., Islam M.Z., ‘Forest PA: Constructing a decision forest by penalizing attributes used in previous trees’, Expert Systems with Applications, 89, pp. 389-403, (2017)