A new adaptive intrusion detection system based on the intersection of two different classifiers

Cited by: 10
Authors
Ahmim, A. [1]
Ghoualmi-Zine, N. [1]
Affiliations
[1] Laboratory of Computer Networks and Systems, Department of Computer Science, Badji Mokhtar-Annaba University, Annaba
Keywords
Fuzzy unordered rule induction algorithm; Hierarchical IDS; Hybrid IDS; IDS; Intrusion detection system; Random forests
DOI
10.1504/IJSN.2014.065710
Abstract
Nowadays, the intrusion detection system (IDS) has become one of the most important weapons against cyber-attacks. A simple single-level IDS cannot detect both attack types and normal behaviour with a high detection rate. To overcome this limit, we propose a new approach for intrusion detection. The idea of this paper is to use two different classifiers iteratively, where each iteration represents one level in the built model. To ensure the adaptation of our model, we add a new level whenever the sum of new attacks and the rest of the training dataset reaches the threshold. To build our model, we have used Fuzzy Unordered Rule Induction Algorithm and Random Forests as classifiers. The experiment on the KDD99 dataset shows the high performance of our model, demonstrating its ability to detect low-frequency attacks without losing its high performance in the detection of frequent attacks and normal behaviour. Furthermore, our model gives the highest detection rate and the highest accuracy, compared with some well-known models in the literature related to intrusion detection. Copyright © 2014 Inderscience Enterprises Ltd.
Pages: 125-132
Number of pages: 7