Intrusion detection with neural networks
NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
A framework for constructing features and models for intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Fusion of multiple classifiers for intrusion detection in computer networks
Pattern Recognition Letters
Results of the KDD'99 classifier learning
ACM SIGKDD Explorations Newsletter
Combining Pattern Classifiers: Methods and Algorithms
Combining Pattern Classifiers: Methods and Algorithms
Approach based ensemble methods for better and faster intrusion detection
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
An efficient local region and clustering-based ensemble system for intrusion detection
Proceedings of the 15th Symposium on International Database Engineering & Applications
A single-domain, representation-learning model for big data classification of network intrusion
MLDM'13 Proceedings of the 9th international conference on Machine Learning and Data Mining in Pattern Recognition
Hi-index | 0.00 |
Intrusion Detection Systems (IDSs) play an essential role in today's network security infrastructures. Their main aim is in finding out traces of intrusion attempts alerting the network administrator as soon as possible, so that she can take suitable countermeasures. In this paper we propose a misuse-based Network Intrusion Detection architecture in which we combine multiple one-class classifiers. Each one-class classifier is trained in order to discriminate between a specific attack and all other traffic patterns. As attacks can be grouped in classes according to a taxonomy, for each attack class a number of one-class classifiers are trained, each one specialized to a specific attack. The proposed multiple classifier architecture combine the outputs of one class classifiers to attain an IDS based on generalized attack signatures. The aim is in labelling a pattern either as normal or as belonging to one of the attack classes according to the adopted taxonomy. The potentials and effectiveness of the proposed approach are analysed and discussed.