
2018 | OriginalPaper | Chapter

A Hybrid Intrusion Detection System for Contemporary Network Intrusion Dataset

Authors: Jheng-Mo Liao, Jui-Sheng Liu, Sheng-De Wang

Published in: Security with Intelligent Computing and Big-data Services

Publisher: Springer International Publishing


Abstract

We propose a hybrid intrusion detection approach to detect network anomalies. The proposed approach uses a feature discretization method and a cluster analysis algorithm to separate the training samples into two groups, a normal group and an anomaly group, and then builds a new classification model to improve the performance of the subgroup classification. We discretize the features of the training samples with a method that considers the interdependence between features and labels. Class information is added to the attributes to enhance the clustering results. For the anomaly group, several representative features are selected to construct a classification model to improve the overall classification performance. Two efficient machine learning algorithms, the Decision Tree algorithm and the Bayesian Network algorithm, are adopted in our experiment. The experimental results show that our method can increase both the normal and anomaly detection rates, precision and accuracy. For the classification of new types of modern attacks, our approach can also improve the overall accuracy.


Metadata
Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-319-76451-1_6
