Learning Rules for Anomaly Detection of Hostile Network Traffic
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
Consistency-based search in feature selection
Artificial Intelligence
The Journal of Machine Learning Research
Cooperative Multi-Agent Learning: The State of the Art
Autonomous Agents and Multi-Agent Systems
PAC model-free reinforcement learning
ICML '06 Proceedings of the 23rd international conference on Machine learning
IEEE Transactions on Knowledge and Data Engineering
Multi-Agent Reinforcement Learning for Intrusion Detection: A Case Study and Evaluation
MATES '08 Proceedings of the 6th German conference on Multiagent System Technologies
Agglomerative Fuzzy K-Means Clustering Algorithm with Selection of Number of Clusters
IEEE Transactions on Knowledge and Data Engineering
K-means Clustering Algorithm with Improved Initial Center
WKDD '09 Proceedings of the 2009 Second International Workshop on Knowledge Discovery and Data Mining
The Application on Intrusion Detection Based on K-means Cluster Algorithm
IFITA '09 Proceedings of the 2009 International Forum on Information Technology and Applications - Volume 01
Efficient reinforcement learning with relocatable action models
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 1
Potential-based shaping in model-based reinforcement learning
AAAI'08 Proceedings of the 23rd national conference on Artificial intelligence - Volume 2
An adaptive architecture for modular Q-learning
IJCAI'97 Proceedings of the Fifteenth international joint conference on Artifical intelligence - Volume 2
A Bayesian sampling approach to exploration in reinforcement learning
UAI '09 Proceedings of the Twenty-Fifth Conference on Uncertainty in Artificial Intelligence
An efficient classifier design integrating rough set and set oriented database operations
Applied Soft Computing
An immunity-based technique to characterize intrusions in computernetworks
IEEE Transactions on Evolutionary Computation
A novel intrusion detection system based on feature generation with visualization strategy
Expert Systems with Applications: An International Journal
Hi-index | 0.01 |
Development of an efficient real time intrusion detection system (IDS) has been proposed in the paper by integrating Q-learning algorithm and rough set theory (RST). The objective of the work is to achieve maximum classification accuracy while detecting intrusions by classifying NSL-KDD network traffic data either 'normal' or 'anomaly'. Since RST processes discrete data only, by applying cut operation attributes in training data are discretized. Using indiscernibility concept of RST, reduced attribute sets, called reducts are obtained and among the reducts a single reduct is chosen which provides highest classification accuracy. However, for the test data the same reduct would not provide highest classification accuracy due to change of discretized attribute values. Therefore, to overcome the problem discretization and feature selection processes are dealt in a comprehensive and systematic way in the paper using machine learning approach. The Q-learning algorithm has been modified to learn optimum cut value for different attributes so that corresponding reduct produces maximum classification accuracy while classifying network traffic data. Since, not all attributes but reduct only take part to detect intrusions, the proposed algorithm is faster than Q-learning and reduces complexity of the IDS. Classification accuracy with 98% success rate has been obtained using real time data, which demonstrates superior performance compared to other classifiers.