Building lightweight intrusion detection system based on random forest

Authors:
Dong Seong Kim;Sang Min Lee;Jong Sou Park
Affiliations:
Network Security Lab., Computer Engineering Department, Hankuk Aviation University, Goyang-city, Gyeonggi-do, Korea;Network Security Lab., Computer Engineering Department, Hankuk Aviation University, Goyang-city, Gyeonggi-do, Korea;Network Security Lab., Computer Engineering Department, Hankuk Aviation University, Goyang-city, Gyeonggi-do, Korea
Venue:
ISNN'06 Proceedings of the Third international conference on Advances in Neural Networks - Volume Part III
Year:
2006

Citing 9
Cited 2

Random Forests

Machine Learning
Anomaly Detection Enhanced Classification in Computer Intrusion Detection

SVM '02 Proceedings of the First International Workshop on Pattern Recognition with Support Vector Machines
Applications of Hidden Markov Models to Detecting Multi-Stage Network Attacks

HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9 - Volume 9
Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks

SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Stateful Intrusion Detection for High-Speed Networks

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Pattern Classification (2nd Edition)

Pattern Classification (2nd Edition)
Efficient packet classification for network intrusion detection using FPGA

Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Toward modeling lightweight intrusion detection system through correlation-based hybrid feature selection

CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Fusions of GA and SVM for anomaly detection in intrusion detection system

ISNN'05 Proceedings of the Second international conference on Advances in Neural Networks - Volume Part III

Survey and taxonomy of feature selection algorithms in intrusion detection system

Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Improving the performance of neural networks with random forest in detecting network intrusions

ISNN'13 Proceedings of the 10th international conference on Advances in Neural Networks - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper proposes a new approach to build lightweight Intrusion Detection System (IDS) based on Random Forest (RF). RF is a special kind of ensemble learning techniques and it turns out to perform very well compared to other classification algorithms such as Support Vector Machines (SVM) and Artificial Neural Networks (ANN). In addition, RF produces a measure of importance of feature variables. Our approach is able not only to show high detection rates but also to figure out stable output of important features simultaneously. The results of experiments on KDD 1999 intrusion detection dataset indicate the feasibility of our approach.