A Multi-Class SLIPPER System for Intrusion Detection

Authors:
Zhenwei Yu;Jeffrey J. P. Tsai
Affiliations:
University of Illinois at Chicago;University of Illinois at Chicago
Venue:
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Year:
2004

Citing 5
Cited 3

A simple, fast, and effective rule learner

AAAI '99/IAAI '99 Proceedings of the sixteenth national conference on Artificial intelligence and the eleventh Innovative applications of artificial intelligence conference innovative applications of artificial intelligence
Mining needle in a haystack: classifying rare classes via two-phase rule induction

SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Results of the KDD'99 classifier learning

ACM SIGKDD Explorations Newsletter
KDD-99 classifier learning contest LLSoft's results overview

ACM SIGKDD Explorations Newsletter
A modular multiple classifier system for the detection of intrusions in computer networks

MCS'03 Proceedings of the 4th international conference on Multiple classifier systems

An adaptive automatically tuning intrusion detection system

ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Fuzzy model tuning for intrusion detection systems

ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
A distance sum-based hybrid method for intrusion detection

Applied Intelligence

Quantified Score

Hi-index	0.00

Visualization

Abstract

Varied data mining techniques have been developed for intrusion detection. However, it is unclear which data mining technique is most effective. In this paper, we present our research work in developing a Multi-Class SLIPPER (MC-SLIPPER) system for intrusion detection to learn whether we can get benefit from boosting based learning algorithm. The key idea is to use the available binary SLIPPER as a basic module, which is a rule learner based on confidence-rated boosting. Multiple arbitral strategies based on prediction confidence are proposed to arbitrate results from all binary SLIPPER modules. Our system is evaluated on the KDDCUPý99 intrusion detection dataset. The experimental results show that we get best performance using a 5-7-5 BP neural network; and the performance using other arbitral strategies are better than the winner of the contest does in term of misclassification cost (MC).