State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
ACM Transactions on Information and System Security (TISSEC)
Linear Dimensionality Reduction via a Heteroscedastic Extension of LDA: The Chernoff Criterion
IEEE Transactions on Pattern Analysis and Machine Intelligence
IEEE Transactions on Pattern Analysis and Machine Intelligence
An overview of anomaly detection techniques: Existing solutions and latest technological trends
Computer Networks: The International Journal of Computer and Telecommunications Networking
A hybrid machine learning approach to network anomaly detection
Information Sciences: an International Journal
A new intrusion detection system using support vector machines and hierarchical clustering
The VLDB Journal — The International Journal on Very Large Data Bases
Improving network security using genetic algorithm approach
Computers and Electrical Engineering
Robust speech recognition using evolutionary class-dependent LDA
Proceedings of the 11th Annual Conference Companion on Genetic and Evolutionary Computation Conference: Late Breaking Papers
Review: Intrusion detection by machine learning: A review
Expert Systems with Applications: An International Journal
A detailed analysis of the KDD CUP 99 data set
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Journal of Network and Computer Applications
Hi-index | 0.00 |
Intrusion Detection Systems (IDS) mainly focus on the original features extracted from the communications networks without complex pre-processing. In this paper, we propose new methods for class-dependent feature transformation to improve the accuracy of the IDS. In the previously known class-dependent feature transformation methods, the mapping process is accomplished by employing separate mapping matrices for each class of the dataset. In the training phase, samples of each class is mapped using only the corresponding matrix, whereas, in the test phase, each sample is mapped using all transformation matrices. This may lead to inaccuracy in classification. We modify the training and test phases of the class-dependent methods to extract more information from the dataset in the training phase that the other class-dependent methods ignore. Unlike the previously known class-dependent methods, the training and test phases of our proposed methods are very similar. We evaluate the performance of the proposed methods by measuring Mutual Information, and Maximum-Relevancy Minimum-Redundancy Information on a benchmark dataset for intrusion detection, namely NSL-KDD dataset, and on three different types of classifiers: distance-based, neural network-based, and decision tree-based classifiers. The experimental results demonstrate that the classifiers trained on the dataset transformed by our proposed feature transformation methods are more accurate in detecting intruders. In all experiments, the proposed methods perform better than their peers in increasing the classifier accuracy and reducing the false alarm of the detection process. Copyright © 2011 John Wiley & Sons, Ltd.