Communications of the ACM
Incremental Learning With Sample Queries
IEEE Transactions on Pattern Analysis and Machine Intelligence
A framework for constructing features and models for intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Practical automated detection of stealthy portscans
Journal of Computer Security
The Effects of Training Set Size on Decision Tree Complexity
ICML '97 Proceedings of the Fourteenth International Conference on Machine Learning
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Intrusion detection using hierarchical neural networks
Pattern Recognition Letters
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Learning program behavior profiles for intrusion detection
ID'99 Proceedings of the 1st conference on Workshop on Intrusion Detection and Network Monitoring - Volume 1
Mining data by query-based error-propagation
ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part I
Disease diagnosis using query-based neural networks
ISNN'05 Proceedings of the Second international conference on Advances in Neural Networks - Volume Part III
Anomaly detection in IP networks
IEEE Transactions on Signal Processing
Unsupervised query-based learning of neural networks using selective-attention and self-regulation
IEEE Transactions on Neural Networks
Query-based learning for aerospace applications
IEEE Transactions on Neural Networks
Hi-index | 0.00 |
This paper presents a novel approach for training a network intrusion detection system based on a query-based sampling (QBS) filter. The proposed QBS filter applies the concepts of data quantization to signal processing in order to develop a novel classification system. Through interaction with a partially trained classifier, the QBS filter can use an oracle to produce high-quality training data. We tested the method with a benchmark intrusion dataset to verify its performance and effectiveness. Results show that selecting qualified training data will have an impact not only on the performance but also on overall execution (to reduce distortion). This method can significantly increase the accuracy of the detection rate for suspicious activity and can recognize rare attacks. Additionally, the method can improve the efficiency of real-time intrusion detection models.