
Approach Based Ensemble Methods for Better and Faster Intrusion Detection

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6694)

Abstract

This study introduces a new method based on Greedy-Boost, a multiple classifier system, for better and faster intrusion detection. Detecting anomalies in data-processing networks is treated as a data classification problem, which allows data mining and machine learning techniques to be used for intrusion detection. With such automatic processing procedures, human expertise focuses only on a small set of potential anomalies, which may result in important time savings and efficiency. To be scalable and efficient, these kinds of approaches must meet important requirements. The first is to obtain a high level of precision, that is, to be able to detect a maximum of anomalies with a minimum of false alarms. The second is to detect potential anomalies as fast as possible. We propose Greedy-Boost, a new boosting approach based on an adaptive combination of multiple classifiers to improve the precision of detection. This approach uses a smoothing aspect that ensures the stability of the classifier system and offers speed of detection. The experimental results, conducted on the KDD99 dataset, prove that our proposed approach outperforms several state-of-the-art methods, particularly in detecting rare attack types.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bahri, E., Harbi, N., Huu, H.N. (2011). Approach Based Ensemble Methods for Better and Faster Intrusion Detection. In: Herrero, Á., Corchado, E. (eds) Computational Intelligence in Security for Information Systems. Lecture Notes in Computer Science, vol 6694. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21323-6_3


  • DOI: https://doi.org/10.1007/978-3-642-21323-6_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21322-9

  • Online ISBN: 978-3-642-21323-6

  • eBook Packages: Computer Science, Computer Science (R0)
