Using attack-specific feature subsets for network intrusion detection

Authors:
Sung Woo Shin;Chi Hoon Lee
Affiliations:
School of Business Administration, Seoul, Korea;School of Information and Communication Engineering, Suwon, Korea
Venue:
AI'06 Proceedings of the 19th Australian joint conference on Artificial Intelligence: advances in Artificial Intelligence
Year:
2006

Citing 7
Cited 7

Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Data mining-based intrusion detectors: an overview of the columbia IDS project

ACM SIGMOD Record
Further Research on Feature Selection and Classification Using Genetic Algorithms

Proceedings of the 5th International Conference on Genetic Algorithms
Fusion of multiple classifiers for intrusion detection in computer networks

Pattern Recognition Letters
Intrusion detection using an ensemble of intelligent paradigms

Journal of Network and Computer Applications - Special issue on computational intelligence on the internet
Intrusion detection using hierarchical neural networks

Pattern Recognition Letters
Induction of selective Bayesian classifiers

UAI'94 Proceedings of the Tenth international conference on Uncertainty in artificial intelligence

Similarity-based classification using specific features in network intrusion detection

AsiaCSN '08 Proceedings of the Fifth IASTED International Conference on Communication Systems and Networks
Feature selection using rough-DPSO in anomaly intrusion detection

ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Using confusion matrices and confusion graphs to design ensemble classification models from large datasets

DaWaK'11 Proceedings of the 13th international conference on Data warehousing and knowledge discovery
Empirical comparison of four classifier fusion strategies for positive-versus-negative ensembles

Proceedings of the South African Institute of Computer Scientists and Information Technologists Conference on Knowledge, Innovation and Leadership in a Diverse, Multidisciplinary Environment
Using OVA modeling to improve classification performance for large datasets

Expert Systems with Applications: An International Journal
Base Model Combination Algorithm for Resolving Tied Predictions for K-Nearest Neighbor OVA Ensemble Models

INFORMS Journal on Computing
Positive-versus-Negative Classification for Model Aggregation in Predictive Data Mining

INFORMS Journal on Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the essential tasks for building a network intrusion detection system might be to differentiate a salient feature subset from noisy and/or redundant features. Especially, in real-time environment too many features to be monitored deteriorate the system performance. In this paper, we focus on extracting robust feature subsets that maximizes inter-classes seperability with minimized subset size based on a genetic algorithm-based optimization, reducing both false positive and false negative errors by learning class-specific feature subsets. Experimental results show that the proposed approach is especially effective in detecting totally unknown attack patterns compared with single feature-subset model.