C4.5: programs for machine learning
C4.5: programs for machine learning
Classification and detection of computer intrusions
Classification and detection of computer intrusions
A decision-theoretic generalization of on-line learning and an application to boosting
Journal of Computer and System Sciences - Special issue: 26th annual ACM symposium on the theory of computing & STOC'94, May 23–25, 1994, and second annual Europe an conference on computational learning theory (EuroCOLT'95), March 13–15, 1995
MultiBoosting: A Technique for Combining Boosting and Wagging
Machine Learning
Learning Program Behavior Profiles for Intrusion Detection
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Winning the KDD99 classification cup: bagged boosting
ACM SIGKDD Explorations Newsletter
Information-Theoretic Measures for Anomaly Detection
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Towards a multiagent-based distributed intrusion detection system using data mining approaches
ADMI'11 Proceedings of the 7th international conference on Agents and Data Mining Interaction
Hybrid network intrusion detection system using expert rule based approach
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Hi-index | 0.00 |
Nowadays, as information systems are more open to the Internet, the importance of secure networks is tremendously increased. New intelligent Intrusion Detection Systems (IDSs) which are based on sophisticated algorithms rather than current signature-base detections are in demand. In this paper, we propose a new data-mining based technique for intrusion detection using an ensemble of binary classifiers with feature selection and multiboosting simultaneously. Our model employs feature selection so that the binary classifier for each type of attack can be more accurate, which improves the detection of attacks that occur less frequently in the training data. Based on the accurate binary classifiers, our model applies a new ensemble approach which aggregates each binary classifier’s decisions for the same input and decides which class is most suitable for a given input. During this process, the potential bias of certain binary classifier could be alleviated by other binary classifiers’ decision. Our model also makes use of multiboosting for reducing both variance and bias. The experimental results show that our approach provides better performance in terms of accuracy and cost than the winner entry of the ‘Knowledge Development and Data mining’ (KDD) ’99 cup challenge. Future works will extend our analysis to a new ‘Protected Repository for the Defense of Infrastructure against Cyber Threats’ (PREDICT) dataset as well as real network data.