Advertisement

Attack Detection in Mobile Internet and Networks Using the Graph-Based Schemes for Combining the Support Vector Machines

  • Alexander Branitskiy
  • Igor Kotenko
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 971)

Abstract

The paper presents a comparative analysis of two schemes for combining the binary classifiers. In the role of such classifiers we use well-known models—support vector machines (SVMs). For constructing the multiclass models we experimentally investigate two schemes for combining the SVMs, namely a classification binary tree (CBT) and a directed acyclic graph (DAG). Main application of considered models we demonstrate in the paper is attack detection and classification in mobile Internet and networks. The various performance indicators of classifiers are given. The results of experiments performed for to estimate these indicators and usage of time and system resources are presented.

Keywords

Network attack detection Support vector machine Classification binary tree Directed acyclic graph Principal component analysis 

Notes

Acknowledgments

This research is being supported by the grant of RSF #18-11-00302 in SPIIRAS.

References

  1. 1.
    Branitskiy, A., Kotenko, I.: Network attack detection based on combination of neural, immune and neuro-fuzzy classifiers. In: IEEE 18th International Conference on Computational Science and Engineering (CSE), pp. 152–159 (2015)Google Scholar
  2. 2.
    Branitskiy, A., Kotenko, I.: Hybridization of computational intelligence methods for attack detection in computer networks. J. Comput. Sci. 23, 145–156 (2017)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Lee, H., Song, J., Park, D.: Intrusion detection system based on multi-class SVM. In: Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing, pp. 511–519 (2005)Google Scholar
  4. 4.
    Khan, L., Awad, M., Thuraisingham, B.: A new intrusion detection system using support vector machines and hierarchical clustering. VLDB J. Int. J. Very Large Data Bases 16(4), 507–521 (2007)CrossRefGoogle Scholar
  5. 5.
    Xu, X., Wang, X.: An adaptive network intrusion detection method based on PCA and support vector machines. In: International Conference on Advanced Data Mining and Applications, pp. 696–703 (2005)CrossRefGoogle Scholar
  6. 6.
    Kim, D. S., Nguyen, H.-N., Park, J. S.: Genetic algorithm to improve SVM based network intrusion detection system. In: 19th International Conference on Advanced Information Networking and Applications, vol. 2, pp. 155–158 (2005)Google Scholar
  7. 7.
    Shon, T., Kim, Y., Lee, C., Moon, J.: A machine learning framework for network anomaly detection using SVM and GA. In: Information Assurance Workshop, IAW 2005, Proceedings from the Sixth Annual IEEE SMC, pp. 176–183 (2005)Google Scholar
  8. 8.
    Wang, J., Hong, X., Ren, R., Li, T.: A real-time intrusion detection system based on PSO-SVM. In: Proceedings of the International Workshop on Information Security and Application, pp. 319–321 (2009)Google Scholar
  9. 9.
    Li, L., Zhao, K.: A new intrusion detection system based on rough set theory and fuzzy support vector machine. In: 3rd International Workshop on Intelligent Systems and Applications (ISA), pp. 1–5 (2011)Google Scholar
  10. 10.
    Thaseen, I.S., Kumar, C.A.: Intrusion detection model using fusion of chi-square feature selection and multi class SVM. J. King Saud Univ. Comput. Inf. Sci. 29(4), 462–472 (2017)CrossRefGoogle Scholar
  11. 11.
    Abraham, A., Thomas, J.: Distributed intrusion detection systems: a computational intelligence approach. In: Applications of Information Systems to Homeland Security and Defense, pp. 107–137 (2006)Google Scholar
  12. 12.
    Peddabachigari, S., Abraham, A., Grosan, C., Thomas, J.: Modeling intrusion detection system using hybrid intelligent systems. J. Netw. Comput. Appl. 30(1), 114–132 (2007)CrossRefGoogle Scholar
  13. 13.
    Hsu, C.-W., Lin, C.-J.: A comparison of methods for multiclass support vector machines. IEEE Trans. Neural Netw. 13(2), 415–425 (2002)CrossRefGoogle Scholar
  14. 14.
    Drucker, H., Burges, C.J.C., Kaufman, L., Smola, A.J., Vapnik, V.: Support vector regression machines. In: Advances in Neural Information Processing Systems, pp. 155–161 (1997)Google Scholar
  15. 15.
    Müller, K.-R., Smola, A.J., Rätsch, G., Schölkopf, B., Kohlmorgen, J., Vapnik, V.: Predicting time series with support vector machines. In: International Conference on Artificial Neural Networks, pp. 999–1004 (1997)Google Scholar
  16. 16.
    Platt, J.: Sequential minimal optimization: a fast algorithm for training support vector machines (1998)Google Scholar
  17. 17.
    Stevens, W. R.: TCP/IP illustrated, volume 1: The protocols. Addison-Wesley Professional (1993)Google Scholar
  18. 18.
    Refaeilzadeh, P., Tang, L., Liu, H.: Cross-validation. Encyclopedia of Database Systems, pp. 532–538 (2009)Google Scholar
  19. 19.
    Rifkin, R., Klautau, A.: In defense of one-vs-all classification. J. Mach. Learn. Res. 5, 101–141 (2004)MathSciNetzbMATHGoogle Scholar
  20. 20.
    Galar, M., Fernández, A., Barrenechea, E., Bustince, H., Herrera, F.: An overview of ensemble methods for binary classifiers in multi-class problems: experimental study on one-vs-one and one-vs-all schemes. Pattern Recogn. 44(8), 1761–1776 (2011)CrossRefGoogle Scholar
  21. 21.
    García-Pedrajas, N., Ortiz-Boyer, D.: Improving multiclass pattern recognition by the combination of two strategies. IEEE Trans. Pattern Anal. Mach. Intell. 28(6), 1001–1006 (2006)CrossRefGoogle Scholar
  22. 22.
    Kotenko, I., Saenko, I., Kushnerevich, A.: Parallel big data processing system for security monitoring in Internet of Things networks. J. Wirel. Mobile Netw. Ubiquitous Comput. Dependable Appl. (JoWUA) 8(4), 60–74 (2017)Google Scholar
  23. 23.
    Desnitsky, V., Levshun, D., Chechulin, A., Kotenko, I.: Design technique for secure embedded devices: application for creation of integrated cyber-physical security system. J. Wirel. Mobile Netw. Ubiquitous Comput. Dependable Appl. (JoWUA) 7(2), 60–80 (2016)Google Scholar
  24. 24.
    Zeng, J., Ke, F., Zuo, Y., Liu, Q., Huang, M., Cao, Y.: Multi-attribute aware path selection approach for efficient MPTCP-based data delivery. J. Internet Serv. Inf. Secur. 7(1), 28–39 (2017)Google Scholar
  25. 25.
    Kurokawa, T., Nojima, R., Moriai, S.: On the security of CBC mode in SSL3.0 and TLS1.0. J. Internet Serv. Inf. Secur. 6(1), 2–19 (2016)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS)St. PetersburgRussia
  2. 2.St. Petersburg National Research University of Information Technologies, Mechanics and Optics (ITMO University)St. PetersburgRussia

Personalised recommendations