Published in: Soft Computing 11/2017

30.12.2015 | Methodologies and Application

Improved traffic detection with support vector machine based on restricted Boltzmann machine

Written by: Jun Yang, Jiangdong Deng, Shujuan Li, Yongle Hao


Abstract

We can obtain a great deal of information from networks, but at the same time, we also face more and more problems, including those related to network security. Detecting network anomalies by their generation applications plays an important role in network security, and the quality of these systems is strongly dependent on the employed detection algorithms. Therefore, improving the performance of these algorithms is an important issue. In this paper, we design a new algorithm, which we call the support vector machine based on the restricted Boltzmann machine (SVM-RBM), to detect network anomalies. The challenges for this algorithm are feature pre-processing and the speed of training the model. We use unsupervised algorithms such as the restricted Boltzmann machine (RBM) to extract useful features from the data sets and choose the gradient descent algorithm with Spark to train the support vector machine (SVM) classifier for a short running time. Moreover, we explore the number of hidden units to improve the performance of SVM-RBM. We also discover that the learning rate has an effect on the SVM and that an appropriate value should be chosen.

Metadata
Title
Improved traffic detection with support vector machine based on restricted Boltzmann machine
Written by
Jun Yang
Jiangdong Deng
Shujuan Li
Yongle Hao
Publication date
30.12.2015
Publisher
Springer Berlin Heidelberg
Published in
Soft Computing / Issue 11/2017
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI
https://doi.org/10.1007/s00500-015-1994-9
