Abstract
Neural Networks such as RBFN and BPNN have been widely studied in the area of network intrusion detection, with the purpose of detecting a variety of network anomalies (e.g., worms, malware). In real-world applications, however, the performance of these neural networks is dynamic regarding the use of different datasets. One of the reasons is that there are some redundant features for the dataset. To mitigate this issue, in this paper, we propose an approach of combining Neural Networks with Random Forest to improve the accuracy of detecting network intrusions. In particular, we design an intelligent anomaly detection system that uses the algorithm of Random Forest in the process of feature selection and selects an appropriate algorithm in an adaptive way. In the evaluation, we conducted two major experiments using the KDD1999 dataset and a real dataset respectively. The experimental results indicate that Random Forest can enhance the performance of Neural Networks by identifying important and closely related features and that our developed system can select a better algorithm intelligently.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Barreto, G.A., Aguayo, L.: Time Series Clustering for Anomaly Detection Using Competitive Neural Networks. In: Príncipe, J.C., Miikkulainen, R. (eds.) WSOM 2009. LNCS, vol. 5629, pp. 28–36. Springer, Heidelberg (2009)
Breiman, L.: Random Forest. Machine Learning 45(1), 5–32 (2001)
Caruana, R., Karampatziakis, N., Yessenalina, A.: An Empirical Evaluation of Supervised Learning in High Dimensions. In: Proceedings of the 25th International Conference on Machine Learning (ICML), pp. 96–103 (2008)
Cha, B.R., Lee, D.S.: Network-Based Anomaly Intrusion Detection Improvement by Bayesian Network and Indirect Relation. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007, Part II. LNCS (LNAI), vol. 4693, pp. 141–148. Springer, Heidelberg (2007)
Cha, B.R., Park, K.W., Seo, J.H.: Neural Network Techniques for Host Anomaly Intrusion Detection Using Fixed Pattern Transformation. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3481, pp. 254–263. Springer, Heidelberg (2005)
Han, S.-J., Cho, S.-B.: Evolutionary Neural Networks for Anomaly Detection based on the Behavior of a Program. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics 36(3), 559–570 (2005)
Gao, M., Tian, J., Zhou, S.: Community Intrusion Detection System Based on Radial Basic Probabilistic Neural Network. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009, Part II. LNCS, vol. 5552, pp. 745–752. Springer, Heidelberg (2009)
Kim, D.S., Park, J.S.: Network-Based Intrusion Detection with Support Vector Machines. In: Kahng, H.-K. (ed.) ICOIN 2003. LNCS, vol. 2662, pp. 747–756. Springer, Heidelberg (2003)
Kim, D.S., Lee, S.M., Park, J.S.: Building Lightweight Intrusion Detection System Based on Random Forest. In: Wang, J., Yi, Z., Żurada, J.M., Lu, B.-L., Yin, H. (eds.) ISNN 2006. LNCS, vol. 3973, pp. 224–230. Springer, Heidelberg (2006)
Kruegel, C., Toth, T.: Using Decision Trees to Improve Signature-Based Intrusion Detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 173–191. Springer, Heidelberg (2003)
Li, Y., Fang, B.-X., Guo, L., Chen, Y.: TCM-KNN Algorithm for Supervised Network Intrusion Detection. In: Yang, C.C., et al. (eds.) PAISI 2007. LNCS, vol. 4430, pp. 141–151. Springer, Heidelberg (2007)
Linda, O., Vollmer, T., Manic, M.: Neural Network based Intrusion Detection System for Critical Infrastructures. In: Proceedings of the 2009 International Joint Conference on Neural Networks (IJCNN), pp. 1827–1834 (2009)
Liu, G., Yi, Z.: Intrusion Detection Using PCASOM Neural Networks. In: Wang, J., Yi, Z., Żurada, J.M., Lu, B.-L., Yin, H. (eds.) ISNN 2006. LNCS, vol. 3973, pp. 240–245. Springer, Heidelberg (2006)
Liu.W., Duan, H.-X., Ren, P., Wu, J.-P.: IABA: An Improved PNN Algorithm for Anomaly Detection in Network Security Management. In: Proceedings of the 2010 International Conference on Natural Computation (ICNC), pp. 335–339 (2010)
Malik, A.J., Shahzad, W., Khan, F.S.: Binary PSO and Random Forests Algorithm for PROBE Attacks Detection in a Network. In: Proceedings of the 2011 IEEE Congress on Evolutionary Computation (CEC), pp. 662–668 (2011)
Meng, Y., Kwok, L.-F.: Intrusion Detection using Disagreement-based Semi-Supervised Learning: Detection Enhancement and False Alarm Reduction. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 483–497. Springer, Heidelberg (2012)
Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks 31(23-24), 2435–2463 (1999)
Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: Proceedings of the 1999 Usenix Lisa Conference, pp. 229–238 (1999)
Sun, N.-Q., Li, Y.: Intrusion Detection Based on Back-Propagation Neural Network and Feature Selection Mechanism. In: Lee, Y.-h., Kim, T.-h., Fang, W.-c., Ślęzak, D. (eds.) FGIT 2009. LNCS, vol. 5899, pp. 151–159. Springer, Heidelberg (2009)
Tian, D., Liu, Y., Li, B.: A Distributed Hebb Neural Network for Network Anomaly Detection. In: Stojmenovic, I., Thulasiram, R.K., Yang, L.T., Jia, W., Guo, M., de Mello, R.F. (eds.) ISPA 2007. LNCS, vol. 4742, pp. 314–325. Springer, Heidelberg (2007)
Wang, Y., Gu, D., Li, W., Li, H., Li, J.: Network Intrusion Detection with Workflow Feature Definition Using BP Neural Network. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009, Part I. LNCS, vol. 5551, pp. 60–67. Springer, Heidelberg (2009)
Yang, Z., Karahoca, A.: An Anomaly Intrusion Detection Approach Using Cellular Neural Networks. In: Levi, A., Savaş, E., Yenigün, H., Balcısoy, S., Saygın, Y. (eds.) ISCIS 2006. LNCS, vol. 4263, pp. 908–917. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, W., Meng, Y. (2013). Improving the Performance of Neural Networks with Random Forest in Detecting Network Intrusions. In: Guo, C., Hou, ZG., Zeng, Z. (eds) Advances in Neural Networks – ISNN 2013. ISNN 2013. Lecture Notes in Computer Science, vol 7952. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39068-5_74
Download citation
DOI: https://doi.org/10.1007/978-3-642-39068-5_74
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39067-8
Online ISBN: 978-3-642-39068-5
eBook Packages: Computer ScienceComputer Science (R0)