Skip to main content
SpringerLink
Log in

Improving the Performance of Neural Networks with Random Forest in Detecting Network Intrusions

  • Conference paper
Advances in Neural Networks – ISNN 2013 (ISNN 2013)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 7952))

Included in the following conference series:

Abstract

Neural Networks such as RBFN and BPNN have been widely studied in the area of network intrusion detection, with the purpose of detecting a variety of network anomalies (e.g., worms, malware). In real-world applications, however, the performance of these neural networks is dynamic regarding the use of different datasets. One of the reasons is that there are some redundant features for the dataset. To mitigate this issue, in this paper, we propose an approach of combining Neural Networks with Random Forest to improve the accuracy of detecting network intrusions. In particular, we design an intelligent anomaly detection system that uses the algorithm of Random Forest in the process of feature selection and selects an appropriate algorithm in an adaptive way. In the evaluation, we conducted two major experiments using the KDD1999 dataset and a real dataset respectively. The experimental results indicate that Random Forest can enhance the performance of Neural Networks by identifying important and closely related features and that our developed system can select a better algorithm intelligently.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Barreto, G.A., Aguayo, L.: Time Series Clustering for Anomaly Detection Using Competitive Neural Networks. In: Príncipe, J.C., Miikkulainen, R. (eds.) WSOM 2009. LNCS, vol. 5629, pp. 28–36. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  2. Breiman, L.: Random Forest. Machine Learning 45(1), 5–32 (2001)

    Article  MATH  Google Scholar 

  3. Caruana, R., Karampatziakis, N., Yessenalina, A.: An Empirical Evaluation of Supervised Learning in High Dimensions. In: Proceedings of the 25th International Conference on Machine Learning (ICML), pp. 96–103 (2008)

    Google Scholar 

  4. Cha, B.R., Lee, D.S.: Network-Based Anomaly Intrusion Detection Improvement by Bayesian Network and Indirect Relation. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007, Part II. LNCS (LNAI), vol. 4693, pp. 141–148. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  5. Cha, B.R., Park, K.W., Seo, J.H.: Neural Network Techniques for Host Anomaly Intrusion Detection Using Fixed Pattern Transformation. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3481, pp. 254–263. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Han, S.-J., Cho, S.-B.: Evolutionary Neural Networks for Anomaly Detection based on the Behavior of a Program. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics 36(3), 559–570 (2005)

    Article  Google Scholar 

  7. Gao, M., Tian, J., Zhou, S.: Community Intrusion Detection System Based on Radial Basic Probabilistic Neural Network. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009, Part II. LNCS, vol. 5552, pp. 745–752. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Kim, D.S., Park, J.S.: Network-Based Intrusion Detection with Support Vector Machines. In: Kahng, H.-K. (ed.) ICOIN 2003. LNCS, vol. 2662, pp. 747–756. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Kim, D.S., Lee, S.M., Park, J.S.: Building Lightweight Intrusion Detection System Based on Random Forest. In: Wang, J., Yi, Z., Żurada, J.M., Lu, B.-L., Yin, H. (eds.) ISNN 2006. LNCS, vol. 3973, pp. 224–230. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. Kruegel, C., Toth, T.: Using Decision Trees to Improve Signature-Based Intrusion Detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 173–191. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Li, Y., Fang, B.-X., Guo, L., Chen, Y.: TCM-KNN Algorithm for Supervised Network Intrusion Detection. In: Yang, C.C., et al. (eds.) PAISI 2007. LNCS, vol. 4430, pp. 141–151. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  12. Linda, O., Vollmer, T., Manic, M.: Neural Network based Intrusion Detection System for Critical Infrastructures. In: Proceedings of the 2009 International Joint Conference on Neural Networks (IJCNN), pp. 1827–1834 (2009)

    Google Scholar 

  13. Liu, G., Yi, Z.: Intrusion Detection Using PCASOM Neural Networks. In: Wang, J., Yi, Z., Żurada, J.M., Lu, B.-L., Yin, H. (eds.) ISNN 2006. LNCS, vol. 3973, pp. 240–245. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Liu.W., Duan, H.-X., Ren, P., Wu, J.-P.: IABA: An Improved PNN Algorithm for Anomaly Detection in Network Security Management. In: Proceedings of the 2010 International Conference on Natural Computation (ICNC), pp. 335–339 (2010)

    Google Scholar 

  15. Malik, A.J., Shahzad, W., Khan, F.S.: Binary PSO and Random Forests Algorithm for PROBE Attacks Detection in a Network. In: Proceedings of the 2011 IEEE Congress on Evolutionary Computation (CEC), pp. 662–668 (2011)

    Google Scholar 

  16. Meng, Y., Kwok, L.-F.: Intrusion Detection using Disagreement-based Semi-Supervised Learning: Detection Enhancement and False Alarm Reduction. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 483–497. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  17. Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks 31(23-24), 2435–2463 (1999)

    Article  Google Scholar 

  18. Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: Proceedings of the 1999 Usenix Lisa Conference, pp. 229–238 (1999)

    Google Scholar 

  19. Sun, N.-Q., Li, Y.: Intrusion Detection Based on Back-Propagation Neural Network and Feature Selection Mechanism. In: Lee, Y.-h., Kim, T.-h., Fang, W.-c., Ślęzak, D. (eds.) FGIT 2009. LNCS, vol. 5899, pp. 151–159. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  20. Tian, D., Liu, Y., Li, B.: A Distributed Hebb Neural Network for Network Anomaly Detection. In: Stojmenovic, I., Thulasiram, R.K., Yang, L.T., Jia, W., Guo, M., de Mello, R.F. (eds.) ISPA 2007. LNCS, vol. 4742, pp. 314–325. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  21. Wang, Y., Gu, D., Li, W., Li, H., Li, J.: Network Intrusion Detection with Workflow Feature Definition Using BP Neural Network. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009, Part I. LNCS, vol. 5551, pp. 60–67. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  22. Yang, Z., Karahoca, A.: An Anomaly Intrusion Detection Approach Using Cellular Neural Networks. In: Levi, A., Savaş, E., Yenigün, H., Balcısoy, S., Saygın, Y. (eds.) ISCIS 2006. LNCS, vol. 4263, pp. 908–917. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Division, Zhaoqing Foreign Language College, Guangdong, China

    Wenjuan Li

  2. Department of Computer Science, City University of Hong Kong, Hong Kong, China

    Yuxin Meng

Authors
  1. Wenjuan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuxin Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information and Communication Engineering, Dalian University of Technology, A 530, Chuangxinyuan Building, 116023, Dalian, China

    Chengan Guo

  2. Institute of Automation, Chinese Academy of Sciences, 100864, Beijing, China

    Zeng-Guang Hou

  3. School of Automation, Huazhong University of Science and Technology, 430074, Wuhan, China

    Zhigang Zeng

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, W., Meng, Y. (2013). Improving the Performance of Neural Networks with Random Forest in Detecting Network Intrusions. In: Guo, C., Hou, ZG., Zeng, Z. (eds) Advances in Neural Networks – ISNN 2013. ISNN 2013. Lecture Notes in Computer Science, vol 7952. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39068-5_74

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-39068-5_74

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39067-8

  • Online ISBN: 978-3-642-39068-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation