A network user's abnormal behavior detection approach based on selective collaborative learning

被引:0
作者
Lu, You [1 ,2 ]
Li, Wei [1 ]
Luo, Jun-Zhou [1 ]
Jiang, Jian [1 ]
Xia, Nu [1 ]
机构
[1] School of Computer Science and Engineering, Southeast University
[2] School of Electronic and Information Engineering, Suzhou University of Science and Technology, Suzhou
来源
Jisuanji Xuebao/Chinese Journal of Computers | 2014年 / 37卷 / 01期
关键词
Abnormal user behavior detection; Collaborative learning; Machine learning; Selective ensemble learning; SVM;
D O I
10.3724/SP.J.1016.2014.00028
中图分类号
学科分类号
摘要
Machine learning techniques have been widely used in methods of network user's abnormal behavior detection. With the development of network, traditional detection methods cannot detect abnormal behavior accurately and quickly for their shortcomings such as cannot deal with unbalanced training data, huge demand for training data's label and so on. So this paper proposes a detection method based on selective collaborative learning. It uses improved EasyEnsemble algorithm to generate balanced training data. To improve the accuracy and reduce the cost of training, this method uses mixed perturbation algorithm to construct differentiated member classifiers and uses selective collaborative learning method to train them. Finally this method builds ensemble classifier according member classifiers' accuracy. Experiments showed this method can quickly and accurately detect abnormal behavior while reducing the demand for labeled training data.
引用
收藏
页码:28 / 40
页数:12
相关论文
共 25 条
[1]  
Luo J.-Z., Han Z.-G., Wang L.-M., Trustworthy and controllable network architecture and protocol framework, Chinese Journal of Computers, 32, 3, pp. 391-404, (2009)
[2]  
Lin C., Lei L., Research on next generation Internet architecture, Chinese Journal of Computers, 30, 5, pp. 693-711, (2007)
[3]  
Chauhan A., Mishra G., Kumar G., Survey on data mining techniques in intrusion detection, International Journal of Scientific & Engineering Research, 2, 7, pp. 1-4, (2011)
[4]  
Xie M., Hu J., Han S., Chen H.-H., Scalable hyper-grid k -NN-based online anomaly detection in wireless sensor networks, IEEE Transactions on Parallel and Distributed Systems, 24, 8, pp. 1661-1670, (2012)
[5]  
Zhao J.-H., Li W.-H., Intrusion detection based on improved SOM with optimized GA, Journal of Computers, 8, 6, pp. 1456-1463, (2013)
[6]  
Jain R., Abouzakhar N.S., Hidden Markov model based anomaly intrusion detection, Proceedings of the International Conferece for Internet Technology and Secured Transactions, pp. 528-533, (2012)
[7]  
Eid H.F., Darwish A., Hassanien A.E., Kim T.-H., Intelligent hybrid anomaly network intrusion detection system, Communications in Computer and Information Science, 265, pp. 209-218, (2012)
[8]  
Sivatha Sindhu S.S., Geetha S., Kannan A., Decision tree based light weight intrusion detection using a wrapper approach, Expert Systems with Applications, 39, 1, pp. 129-141, (2012)
[9]  
Sangkatsanee P., Wattanapongsakorn N., Charnsripinyo C., Practical real-time intrusion detection using machine learning approaches, Computer Communications, 34, 18, pp. 2227-2235, (2011)
[10]  
Horng S.-J., Su M.-Y., Chen Y.-H., Et al., A novel intrusion detection system based on hierarchical clustering and support vector machines, Expert Systems with Applications, 38, 1, pp. 306-313, (2011)
123