Combination of data mining techniques for intrusion detection system

Elekar, Kailas

doi:10.1109/ic4.2015.7375727

Cited by 12 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, they identified that data feature reduction contributes to improve classification performance and reduce memory and CPU time. Elekar [28] discussed combinations of machine learning techniques in order to improve an attack detection rate and reduce a false attack detection rate for IDSs. C4.5 with random tree, C4.5 with random forest, and random forest with random tree are considered as possible combination candidates and it is identified that the performance of C4.5 with random tree is better than others for both improving an attack detection rate and reducing a false attack detection rate.…”

Section: Mapping Selected Studies By Ensemble Methodsmentioning

confidence: 99%

Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation

Tama

Lim

2021

Computer Science Review

100

View full text Add to dashboard Cite

Intrusion detection systems (IDSs) are intrinsically linked to a comprehensive solution of cyberattacks prevention instruments. To achieve a higher detection rate, the ability to design an improved detection framework is sought after, particularly when utilizing ensemble learners. Designing an ensemble often lies in two main challenges such as the choice of available base classifiers and combiner methods. This paper performs an overview of how ensemble learners are exploited in IDSs by means of systematic mapping study. We collected and analyzed 124 prominent publications from the existing literature. The selected publications were then mapped into several categories such as years of publications, publication venues, datasets used, ensemble methods, and IDS techniques. Furthermore, this study reports and analyzes an empirical investigation of a new classifier ensemble approach, called stack of ensemble (SoE) for anomaly-based IDS. The SoE is an ensemble classifier that adopts parallel architecture to combine three individual ensemble learners such as random forest, gradient boosting machine, and extreme gradient boosting machine in a homogeneous manner. The performance significance among classification algorithms is statistically examined in terms of their Matthews correlation coefficients, accuracies, false positive rates, and area under ROC curve metrics. Our study fills the gap in current literature concerning an up-to-date systematic mapping study, not to mention an extensive empirical evaluation of the recent advances of ensemble learning techniques applied to IDSs.

show abstract

Section: Mapping Selected Studies By Ensemble Methodsmentioning

confidence: 99%

Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation

Tama

Lim

2021

Computer Science Review

100

View full text Add to dashboard Cite

show abstract

“…This method reduced error rates more than traditional pruning algorithms. In turn, combining two or more algorithms with the DT to overcome the detection rate problem was proposed by Elekar, 74 where different categories of attack detection are performed using different combinations of algorithms, such as J48 DT with a combination of Random Forest, J48 with the Random Tree, and the Random Tree with collaboration of the Random Forest. The results showed that J48 combined with the Random Forest improved the detection rate (92.62%) for DoS, U2R, and R2L attacks with a low false positive rate for probe attacks.…”

Section: Decision Treementioning

confidence: 99%

Machine learning in cybersecurity: a comprehensive survey

Dasgupta

Akhtar

Sen

2020

Journal of Defense Modeling & Simulation

110

View full text Add to dashboard Cite

Today’s world is highly network interconnected owing to the pervasiveness of small personal devices (e.g., smartphones) as well as large computing devices or services (e.g., cloud computing or online banking), and thereby each passing minute millions of data bytes are being generated, processed, exchanged, shared, and utilized to yield outcomes in specific applications. Thus, securing the data, machines (devices), and user’s privacy in cyberspace has become an utmost concern for individuals, business organizations, and national governments. In recent years, machine learning (ML) has been widely employed in cybersecurity, for example, intrusion or malware detection and biometric-based user authentication. However, ML algorithms are vulnerable to attacks both in the training and testing phases, which usually leads to remarkable performance decreases and security breaches. Comparatively, limited studies have been conducted to understand the essence and degree of the vulnerabilities of ML techniques against security threats and their defensive mechanisms. It is imperative to systematize recent works related to cybersecurity using ML to seek the attention of researchers, scientists, and engineers. Therefore, in this paper, we provide a comprehensive survey of the works that have been carried out most recently (from 2013 to 2018) on ML in cybersecurity, describing the basics of cyber-attacks and corresponding defenses, the basics of the most commonly used ML algorithms, and proposed ML and data mining schemes for cybersecurity in terms of features, dimensionality reduction, and classification/detection techniques. In this context, this article also provides an overview of adversarial ML, including the security characteristics of deep learning methods. Finally, open issues and challenges in cybersecurity are highlighted and potential future research directions are discussed.

show abstract

“…With the development of technology and the further popularization of computer, the use of network has become more extensive [1], which not only changes the way people study and work, but also creates great values for economic development. However, the network security problem is becoming more and more prominent [2], means of intrusion attack is becoming more complex and diverse [3], which means greater and stronger harms, and the difficulty of intrusion prevention is becoming higher.…”

Section: Introductionmentioning

confidence: 99%

Research on the Detection of Network Intrusion Prevention With Svm Based Optimization Algorithm

Wang¹,

Xu²

2020

IJCAI

View full text Add to dashboard Cite

Support vector machine (SVM) has a good application in intrusion detection, but its performance needs to be further improved. This study mainly analyzed the SVM optimization algorithm. The principle of SVM was introduced firstly, then SVM was improved using the improved whale optimization algorithm (WOA), the improved WOA (IWOA)-SVM based intrusion detection method was analyzed, and finally experiments were carried out on KDD CUP99 to verify the effectiveness of the algorithm. The results showed that the IWAO-SVM algorithm was more accurate in attack detection; compared with SVM, PSO-SVM and ant colony optimization (ACO)-SVM algorithms, the performance of the IWAO-SVM algorithm was better, the detection rate was 99.89%, the precision ratio was 99.92%, the accuracy rate was 99.86%, and the detection time was 192 s, showing that it had high precision in intrusion detection. The experimental results verify the reliability of the IWAO-SVM algorithm, and it can be promoted and applied in the detection of network intrusion prevention.Povzetek: Algoritem SVM je bil prilagojen za iskanje napadov v omrežjih.

show abstract

Combination of data mining techniques for intrusion detection system

Cited by 12 publications

References 19 publications

Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation

Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation

Machine learning in cybersecurity: a comprehensive survey

Research on the Detection of Network Intrusion Prevention With Svm Based Optimization Algorithm

Contact Info

Product

Resources

About