Abstract
Network Intrusion Detection is the process of analyzing the network traffic so as to unearth any unsafe and possibly disastrous exchanges happening over the network. In the nature of guaranteeing the confidentiality, availability, and integrity of any networking system, the accurate and speedy classification of the transactions becomes indispensable. The potential problem of all the Intrusion Detection System models at the moment, are lower detection rate for less frequent attack groups, and a higher false alarm rate. In case of networks and simulation works signal processing has been a latest and popular technique. In this study, a hybrid method based on coupling Discrete Wavelet Transforms and Artificial Neural Network (ANN) for Intrusion Detection is proposed. The imbalance of the instances across the data-set was eliminated by SMOTE based oversampling of less frequent class and random under-sampling of the dominant class. A three-layer ANN was used for classification. The experimental results on KDD99 data-set advocate about the fact that the proposed model has higher accuracy, detection rate and at the same time has reduced false alarms making it suitable for real-time networks.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Axelsson S (2000) Intrusion detection systems: A survey and taxonomy. Technical Report, Technical report
Hamid Y, Sugumaran M, Balasaraswathi V (2016) Ids using machine learning-current state of art and future directions. Br J Appl Sci Technol 15:1–22
Aburomman AA, Reaz MBI (2016) A novel svm-knn-pso ensemble method for intrusion detection system. Appl Soft Comput 38:360–372
Hamid Y, Sugumaran M, Journaux L (2016) A fusion of feature extraction and feature selection technique for network intrusion detection. Int J Secur Apllications 10:151–158
Swarnkar M, Hubballi N (2016) Ocpad: One class naive bayes classifier for payload based anomaly detection. Expert Syst Appl 64:330–339
Ji S-Y, Jeong B-K, Choi S, Jeong DH (2016) A multi-level intrusion detection method for abnormal network behaviors. J Netw Comput Appl 62:9–17
Sindhu SSS, Geetha S, Kannan A (2012) Decision tree based light weight intrusion detection using a wrapper approach. Expert Syst Appl 39:129–141
Farid DM, Zhang L, Rahman CM, Hossain MA, Strachan R (2014) Hybrid decision tree and naïve bayes classifiers for multi-class classification tasks. Expert Syst Appl 41:1937–1946
Lin W-C, Ke S-W, Tsai C-F (2015) Cann: an intrusion detection system based on combining cluster centers and nearest neighbors. Knowl Based Syst 78:13–21
Xie M, Hu J, Han S, Chen H-H (2013) Scalable hypergrid k-nn-based online anomaly detection in wireless sensor networks. IEEE Trans Parallel Distrib Syst 24:1661–1670
Vokorokos L, Balaz A, Chovanec M (2006) Intrusion detection system using self organizing map. Acta Electrotechnica et Informatica 6:1–6
Zhang Y, Bu W, Su C, Wang L, Xu H (2016) Intrusion detection method based on improved growing hierarchical self-organizing map. Trans Tianjin Univ 22:334–338
Wu J, Peng D, Li Z, Zhao L, Ling H (2015) Network intrusion detection based on a general regression neural network optimized by an improved artificial immune algorithm. PLoS One 10:e0120976
Lei JZ, Ghorbani AA (2012) Improved competitive learning neural networks for network intrusion and fraud detection. Neurocomputing 75:135–145
Davis JJ, Clark AJ (2011) Data preprocessing for anomaly based network intrusion detection: A review. Comput Secur 30:353–375
Eesa AS, Orman Z, Brifcani AMA (2015) A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst Appl 42:2670–2679
Feng W, Zhang Q, Hu G, Huang JX (2014) Mining network data for intrusion detection through combining svms with ant colony networks. Future Gener Comput Syst 37:127–140
Tsai C-F, Lin C-Y (2010) A triangle area based nearest neighbors approach to intrusion detection. Pattern Recogn 43:222–229
Luo B, Xia J (2014) A novel intrusion detection system based on feature generation with visualization strategy. Expert Syst Appl 41:4139–4147
Farquad M, Bose I (2012) Preprocessing unbalanced data using support vector machine. Decis Support Syst 53:226–233
Yen S-J, Lee Y-S (2009) Cluster-based under-sampling approaches for imbalanced data distributions. Expert Syst Appl 36:5718–5727
Hall J, Barbeau M, Kranakis E (2004) Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In: Communications, internet, and information technology, pp 201–206
Hamdi M, Boudriga N (2007) Detecting denial-of-service attacks using the wavelet transform. Comput Commun 30:3203–3213
Viinikka J, Debar H, Mé L, Lehikoinen A, Tarvainen M (2009) Processing intrusion detection alert aggregates with time series modeling. Inf Fusion 10:312–324
Daubechies I (1992) Ten lectures on wavelets, vol 61. Siam, New Delhi
Hotelling H (1933) Analysis of a complex of statistical variables into principal components. J Educ Psychol 24:417
Chawla NV, Bowyer KW, Hall LO, Kegelmeyer WP (2002) Smote: synthetic minority over-sampling technique. J Artif Intell Res 16:321–357
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Hamid, Y., Shah, F.A. & Sugumaran, M. Wavelet neural network model for network intrusion detection system. Int. j. inf. tecnol. 11, 251–263 (2019). https://doi.org/10.1007/s41870-018-0225-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s41870-018-0225-x