Improving Performance of Anomaly-Based IDS by Combining Multiple Classifiers

Authors:
Kazuya Kishimoto;Hirofumi Yamaki;Hiroki Takakura
Affiliations:
-;-;-
Venue:
SAINT '11 Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet
Year:
2011

Citing 0
Cited 2

Nonparametric semi-supervised learning for network intrusion detection: combining performance improvements with realistic in-situ training

Proceedings of the 5th ACM workshop on Security and artificial intelligence
A learning system for discriminating variants of malicious network traffic

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

Intrusion detection systems (IDSs) play an important role to defend networks from cyber attacks. Among them, anomaly-based IDSs can detect unknown attacks like 0-day attacks that are hard to detect by using signature-based system. However, they have problems that their performance depends on a learning dataset. It is very hard to prepare an appropriate learning dataset in a static fashion, because the traffic in the Internet changes quite dynamically and complexity. In this paper, we propose a method that follows traffic trend by combining multiple classifiers. We evaluate our method using Kyoto2006+ and existing algorithm.