Meta learning intrusion detection in real time network

Authors:
Rongfang Bie;Xin Jin;Chuanliang Chen;Chuan Xu;Ronghuai Huang
Affiliations:
College of Information Science and Technology, Beijing Normal University, Beijing, P.R. China;College of Information Science and Technology, Beijing Normal University, Beijing, P.R. China;College of Information Science and Technology, Beijing Normal University, Beijing, P.R. China;College of Information Science and Technology, Beijing Normal University, Beijing, P.R. China;School of Education Technology, Beijing Normal University, Beijing, P.R. China
Venue:
ICANN'07 Proceedings of the 17th international conference on Artificial neural networks
Year:
2007

Citing 13
Cited 0

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
C4.5: programs for machine learning

C4.5: programs for machine learning
Data mining: practical machine learning tools and techniques with Java implementations

Data mining: practical machine learning tools and techniques with Java implementations
MultiBoosting: A Technique for Combining Boosting and Wagging

Machine Learning
NetSTAT: a network-based intrusion detection system

Journal of Computer Security
Clustering by pattern similarity in large data sets

Proceedings of the 2002 ACM SIGMOD international conference on Management of data
An Application of Machine Learning to Network Intrusion Detection

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Face Recognition by Support Vector Machines

FG '00 Proceedings of the Fourth IEEE International Conference on Automatic Face and Gesture Recognition 2000
Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks

SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Online Training of SVMs for Real-time Intrusion Detection

AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
A comparison of event models for Naive Bayes anti-spam e-mail filtering

EACL '03 Proceedings of the tenth conference on European chapter of the Association for Computational Linguistics - Volume 1
Two-tier based intrusion detection system

FSKD'05 Proceedings of the Second international conference on Fuzzy Systems and Knowledge Discovery - Volume Part II
Robust radial basis function neural networks

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the rapid increase in connectivity and accessibility of computer systems over the internet which has resulted in frequent opportunities for intrusions and attacks, intrusion detection on the network has become a crucial issue for computer system security. Methods based on hand-coded rule sets are laborous to build and not very reliable. This problem has led to an increasing interest in intrusion detection techniques based upon machine learning or data mining. However, traditional data mining based intrusion detection systems use single classifier in their detection engines. In this paper, we propose a meta learning based method for intrusion detection by MultiBoosting multi classifiers. MultiBoosting can form decision committees by combining AdaBoost with wagging. It is able to harness both AdaBoost's high bias and variance reduction with wagging's superior variance reduction. Experiments results show that MultiBoosting can improve the detection performance of state-of-art machine learning based intrusion detection techniques. Furthermore, we present a Symmetrical Uncertainty (SU) based method for reducing network connection features to make MultiBoosting more efficient in real-time network environment, in the meanwhile, keep the detection performance unundermined and in some cases, even further improved.