INTELLIGENT NETWORK-MISUSE-DETECTION-SYSTEM USING NEUROTREE CLASSIFIER

被引:1
作者
Muthukumar, B. [1 ]
Sindhu, S. S. Sivatha [2 ]
Geetha, S. [3 ]
Kannan, A. [4 ]
机构
[1] Syed Ammal Engn Coll, Dept Informat Technol, Ramanathapuram, India
[2] Shan Syst, Secur Associate, New Brunswick, NJ USA
[3] Sch Comp Sci & Engn, Madras, Tamil Nadu, India
[4] Anna Univ, Sch Informat Sci & Technol, Madras 600025, Tamil Nadu, India
关键词
intrusion detection system; misuse detection; genetic algorithm; neural network; decision tree; neurotree; FEATURE-SELECTION; ANOMALY DETECTION; ALGORITHMS;
D O I
10.14311/NNW.2015.25.027
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Intrusion detection systems (IDSs) are designed to distinguish normal and intrusive activities. A critical part of the IDS design depends on the selection of informative features and the appropriate machine learning technique. In this paper, we investigated the problem of IDS from these two perspectives and constructed a misuse based neurotree classifier capable of detecting anomalies in networks. The major implications of this paper are a) Employing weighted sum genetic feature extraction process which provides better discrimination ability for detecting anomalies in network traffic; b) Realizing the system as a rule-based model using an ensemble efficient machine learning technique, neurotree which possesses better comprehensibility and generalization ability; c) Utilizing an activation function which is targeted at minimizing the error rates in the learning algorithm. An extensive experimental evaluation on a database containing normal and anomaly traffic patterns shows that the proposed scheme with the selected features and the chosen classifier is a state-of-the-art IDS that outperforms previous IDS methods.
引用
收藏
页码:541 / 564
页数:24
相关论文
共 33 条
[1]  
Amor N.B., 2004, P 2004 ACM S APPL CO, P420, DOI DOI 10.1145/967900.967989
[2]  
[Anonymous], 1898, Neural Computation
[3]   An empirical comparison of voting classification algorithms: Bagging, boosting, and variants [J].
Bauer, E ;
Kohavi, R .
MACHINE LEARNING, 1999, 36 (1-2) :105-139
[4]  
Benferhat S, 2006, INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE FOR MODELLING, CONTROL & AUTOMATION JOINTLY WITH INTERNATIONAL CONFERENCE ON INTELLIGENT AGENTS, WEB TECHNOLOGIES & INTERNET COMMERCE, VOL 1, PROCEEDINGS, P211
[5]  
Breiman L., 1984, CLASSIFICATION REGRE
[6]  
Cannady J., 1998, P NAT INF SYST SEC C, V26, P443
[7]   Decision-tree instance-space decomposition with grouped gain-ratio [J].
Cohen, Shahar ;
Rokach, Lior ;
Maimon, Oded .
INFORMATION SCIENCES, 2007, 177 (17) :3592-3612
[8]   Towards improving cluster-based feature selection with a simplified silhouette filter [J].
Covoes, Thiago F. ;
Hruschka, Eduardo R. .
INFORMATION SCIENCES, 2011, 181 (18) :3766-3782
[9]   Evolving data mining into solutions for insights - Introduction [J].
Fayyad, U ;
Uthurusamy, R .
COMMUNICATIONS OF THE ACM, 2002, 45 (08) :28-31
[10]   K-Means+ID3: A novel method for supervised anomaly detection by cascading k-Means clustering and ID3 decision tree learning methods [J].
Gaddam, Shekhar R. ;
Phoha, Vir V. ;
Balagani, Kiran S. .
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2007, 19 (03) :345-354