Abstract
With the widespread use of the Internet, malicious activities that affect single systems as well as networks of systems (computer networks) are increasing. An effective intrusion detection system (IDS) that can protect users' information is therefore required, and building one is a highly demanding task. In this research work, we develop a novel multilevel classifier hybrid model of IDS using machine learning techniques that combines the misuse and anomaly detection approaches through supervised and unsupervised learning. The model contains two phases: in the first phase, a random tree classifier classifies the dataset into known attacks using the misuse detection approach; the second phase classifies novel attacks using the anomaly detection approach. Phase 2 separately uses an instance-based learning method, the k-nearest neighbor algorithm. The proposed model provides a significant improvement in prediction accuracy, reduces the false positive rate, and reduces the training time. Hence, it is confirmed that the proposed model is a novel combination of classifiers that can be trained on a dataset in parallel, which saves training time and makes system processing faster. Using simulation results, we show that the developed model provides more significant results than previous IDS models.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Gautam, S., Om, H., Dixit, K. (2021). A Novel Multilevel Classifier Hybrid Model for Intrusion Detection Using Machine Learning. In: Das, S.K., Dao, TP., Perumal, T. (eds) Nature-Inspired Computing for Smart Application Design. Springer Tracts in Nature-Inspired Computing. Springer, Singapore. https://doi.org/10.1007/978-981-33-6195-9_12
DOI: https://doi.org/10.1007/978-981-33-6195-9_12
Publisher Name: Springer, Singapore
Print ISBN: 978-981-33-6194-2
Online ISBN: 978-981-33-6195-9
eBook Packages: Engineering, Engineering (R0)