We present a classifier ensemble system, using a combination of Neural Networks and rule-based systems as base classifiers, that is capable of detecting network-initiated intrusion attacks on web servers. The system can recognize novel attacks (i.e., attacks it has never seen before) and categorize them as such. The performance of the Neural Network in detecting attacks from network data alone is very good, with success rates of more than 78% in recognizing new attacks, but it suffers from high false alarm rates. An ensemble combining the original ANN with a second component that monitors the server's system calls to detect unusual activity results in high prediction accuracy with very small false alarm rates. We experiment with a variety of ensemble classifiers and decision-making schemes for final classification. We report the results of our approach and future directions for this research.