Improving Accuracy in Intrusion Detection Systems Using Classifier Ensemble and Clustering
Authors
Abstract:
Recently, as technology has developed, the number of network-based services has been increasing, and sensitive user information is shared over the Internet. Accordingly, large-scale malicious attacks on computer networks can cause severe disruption to network services, so cybersecurity has become a major concern for networks. An intrusion detection system (IDS) can be considered an appropriate solution for addressing cybersecurity. Despite researchers applying different machine learning methods, low accuracy and a high False Alarm Rate are still critical issues for IDS. In this paper, we propose a new approach for improving the accuracy and performance of intrusion detection. The proposed approach utilizes a clustering-based method for sampling the records, as well as an ensembling strategy for the final decision on the class of each sample. To reduce the processing time, K-means clustering is performed on the samples and a fraction of each cluster is chosen. In addition, incorporating three classifiers, namely Decision Tree (DT), K-Nearest-Neighbor (KNN) and Deep Learning, in the ensembling process results in an improved level of precision and confidence. The model is tested with different kinds of feature selection methods. The introduced framework was evaluated on the NSL-KDD dataset. The experimental results yielded an improvement in accuracy in comparison with other models.
Similar resources
Improving Network Intrusion Detection Through Classifier Combination
Network intrusion detection is a problem that’s hardly being solved completely. Firewalls and other existing solutions do provide some resistance to the wide variety of attack types that can occur, but they suffer the drawback of not being able to generalize well into unseen attack types. Through this report, we propose a framework for addressing the problem of network intrusion by extracting i...
Intrusion detection using clustering
With the increasing spread of network environments, everyone gets connected to the system. So there is a need to secure information, because many security threats are present in a network environment. A number of techniques are available for intrusion detection. Data mining is one of the efficient techniques available for intrusion detection. Data mining techniques may be supervised or ...
Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems
Modern Supervisory Control and Data Acquisition SCADA systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components. The presence of a real t...
Fault Detection of Bearings Using a Rule-based Classifier Ensemble and Genetic Algorithm
This paper proposes a reduct construction method based on discernibility matrix simplification. The method works with genetic algorithm. To identify potential problems and prevent complete failure of bearings, a new method based on rule-based classifier ensemble is presented. Genetic algorithm is used for feature reduction. The generated rules of the reducts are used to build the candidate base...
Ensemble Design for Intrusion Detection Systems
The intrusion detection problem is one of the most promising research issues in information security. The problem provides excellent opportunities in terms of providing host and network security. Intrusion detection is divided into two categories with respect to the type of detection: misuse detection and anomaly detection. Intrusion detection is done using rule based, Statistical, and Soft computi...
GP Ensemble for Distributed Intrusion Detection Systems
In this paper an intrusion detection algorithm based on GP ensembles is proposed. The algorithm runs on a distributed hybrid multi-island model-based environment to monitor security-related activity within a network. Each island contains a cellular genetic program whose aim is to generate a decision-tree predictor, trained on the local data stored in the node. Every genetic program operates coop...
Journal title
volume 11 issue 4
pages 1-10
publication date 2020-11-01