A Novel Multilevel Classifier Hybrid Model for Intrusion Detection Using Machine Learning

Nature-Inspired Computing for Smart Application Design

Part of the book series: Springer Tracts in Nature-Inspired Computing ((STNIC))

Abstract

With the widespread use of the Internet, malicious activities are increasing and affect both single systems and networks of systems (computer networks). An effective intrusion detection system (IDS) that can protect users' information is therefore required, which is a highly demanding task. In this research work, we develop a novel multilevel classifier hybrid model for IDS using machine learning that combines the misuse and anomaly detection approaches through supervised and unsupervised learning. The model contains two phases: in the first phase, a random tree classifier classifies the dataset into known attacks using the misuse detection approach, and the second phase classifies novel attacks using the anomaly detection approach. Phase 2 separately uses an instance-based learning method, the k-nearest neighbor algorithm. The proposed model provides a significant improvement in prediction accuracy, reduces the false positive rate, and reduces the training time. Hence, it is confirmed that the proposed model is a novel combination of classifiers that can be trained on a dataset in parallel, which saves training time and makes system processing faster. Using simulation results, we show that the developed model provides more significant results than previous IDS models.
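The two-phase flow described in the abstract, as an added example that is not the chapter's code: a random tree trained on labelled traffic handles known attacks, and a k-nearest-neighbor distance check against known-normal records flags novel ones. The hand-off between phases, the distance threshold, the feature names and the sample records are assumptions made for illustration.

```python
import math
import random
from collections import Counter

def gini(data):
    return 1.0 - sum((c / len(data)) ** 2 for c in Counter(y for _, y in data).values())

def build_random_tree(data, n_try, rng):
    """Phase 1 (misuse): tree that scores only n_try random features per node."""
    labels = Counter(label for _, label in data)
    if len(labels) == 1:
        return next(iter(labels))
    best = None
    for f in rng.sample(range(len(data[0][0])), n_try):
        values = sorted({x[f] for x, _ in data})
        for lo, hi in zip(values, values[1:]):
            t = (lo + hi) / 2
            left = [d for d in data if d[0][f] <= t]
            right = [d for d in data if d[0][f] > t]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(data)
            if best is None or score < best[0]:
                best = (score, f, t, left, right)
    if best is None:  # every sampled feature is constant here: majority leaf
        return labels.most_common(1)[0][0]
    _, f, t, left, right = best
    return (f, t, build_random_tree(left, n_try, rng), build_random_tree(right, n_try, rng))

def tree_predict(node, x):
    while isinstance(node, tuple):
        f, t, left, right = node
        node = left if x[f] <= t else right
    return node

def knn_distance(x, normal_rows, k):
    """Phase 2 (anomaly): mean distance to the k nearest known-normal records."""
    return sum(sorted(math.dist(x, r) for r in normal_rows)[:k]) / k

def classify(x, tree, normal_rows, k, threshold):
    label = tree_predict(tree, x)
    if label != "normal":
        return label  # matched a known attack class
    # Assumed hand-off: records phase 1 calls normal are re-checked by phase 2.
    return "novel_attack" if knn_distance(x, normal_rows, k) > threshold else "normal"

# Constructed sample: [conn_rate, syn_error_rate, failed_logins], scaled to 0..1
TRAIN = [([0.10, 0.05, 0.0], "normal"), ([0.15, 0.10, 0.0], "normal"),
         ([0.20, 0.05, 0.0], "normal"), ([0.12, 0.08, 0.0], "normal"),
         ([0.90, 0.95, 0.0], "dos"), ([0.85, 0.90, 0.0], "dos"), ([0.95, 0.85, 0.0], "dos")]
NORMAL = [x for x, label in TRAIN if label == "normal"]
TREE = build_random_tree(TRAIN, n_try=2, rng=random.Random(7))
```

The tree and the normal-record reference set are built independently of each other, so the two phases can be prepared in parallel. A record such as `[0.12, 0.06, 0.9]` passes the tree as normal because `failed_logins` never varied in training, and only the distance check catches it.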

Corresponding author

Correspondence to Sunil Gautam.

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Cite this chapter

Gautam, S., Om, H., Dixit, K. (2021). A Novel Multilevel Classifier Hybrid Model for Intrusion Detection Using Machine Learning. In: Das, S.K., Dao, TP., Perumal, T. (eds) Nature-Inspired Computing for Smart Application Design. Springer Tracts in Nature-Inspired Computing. Springer, Singapore. https://doi.org/10.1007/978-981-33-6195-9_12

  • DOI: https://doi.org/10.1007/978-981-33-6195-9_12

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-33-6194-2

  • Online ISBN: 978-981-33-6195-9

  • eBook Packages: Engineering, Engineering (R0)
