Proceedings Article, DOI: 10.1109/ISCC.2017.8024620
Two Layers Multi-class Detection method for network Intrusion Detection System
Yali Yuan,Liuwei Huo,Dieter Hogrefe +2 more
- 01 Jul 2017
- pp 767-772
42
TL;DR: The Two Layers Multi-class Detection (TLMD) method used together with the C5.0 method and the Naive Bayes algorithm is proposed for adaptive network intrusion detection, which improves the detection rate as well as the false alarm rate.
Abstract: Intrusion Detection Systems (IDSs) are powerful systems which monitor and analyze events in order to detect signs of security problems and take action to stop intrusions. In this paper, the Two Layers Multi-class Detection (TLMD) method used together with the C5.0 method and the Naive Bayes algorithm is proposed for adaptive network intrusion detection, which improves the detection rate as well as the false alarm rate. The proposed TLMD algorithm also addresses some difficulties in data mining situations such as handling imbalance datasets, dealing with continuous attributes, and reducing noise in training dataset. We compared the performance of the proposed TLMD method with that of existing algorithms, using the detection rate, accuracy as well as false alarm rate on the KDDcup99 benchmark intrusion detection dataset. The experimental results prove that the proposed TLMD method has a reduced false alarm rate and a good detection rate based on the imbalanced dataset.
Citations
Siam-IDS: Handling class imbalance problem in Intrusion Detection Systems using Siamese Neural Network
TL;DR: The proposed Siam-IDS is able to detect R2L and U2R attacks without using traditional class balancing techniques such as oversampling and random undersampling, and was compared with existing IDSs developed using DL techniques namely Deep Neural Network (DNN) and Convolutional Neural network (CNN).
113
Using a Long Short-Term Memory Recurrent Neural Network (LSTM-RNN) to Classify Network Attacks
TL;DR: A new method for intrusion detection to classify the NSL-KDD dataset by combining a genetic algorithm for optimal feature selection and long short-term memory (LSTM) with a recurrent neural network (RNN) found that using LSTM-RNN classifiers with the optimal feature set improves intrusion detection.
104
Attack Classification of Imbalanced Intrusion Data for IoT network Using Ensemble Learning-based Deep Neural Network
01 Jul 2023
TL;DR: In this article, a bagging classifier that uses a Deep Neural Network (DNN) as its base estimator is proposed to address the class imbalance problem through an ensemble learning approach.
58
LA-GRU: Building Combined Intrusion Detection Model Based on Imbalanced Learning and Gated Recurrent Unit Neural Network
Binghao Yan,Guodong Han +1 more
TL;DR: A new combined IDM called LA-GRU is proposed based on a novel imbalanced learning method and gated recurrent unit (GRU) neural network that obtains excellent overall detection performance with a low false alarm rate and more effectively solves the learning problem of imbalanced traffic distribution.
Real-Time Network Intrusion Prevention System Based on Hybrid Machine Learning
Wooseok Seo,Wooguil Pak +1 more
TL;DR: In this article, a two-level classifier that can simultaneously achieve high performance and real-time classification is proposed, which employs level 1 and 2 classifiers internally and collects the statistical features of traffic flow for performing precise classification.
References
A Decision-Theoretic Generalization of On-Line Learning and an Application to Boosting
Yoav Freund,Robert E. Schapire +1 more
- 01 Aug 1997
TL;DR: The model studied can be interpreted as a broad, abstract extension of the well-studied on-line prediction model to a general decision-theoretic setting, and it is shown that the multiplicative weight-update Littlestone-Warmuth rule can be adapted to this model, yielding bounds that are slightly weaker in some cases, but applicable to a considerably more general class of learning problems.
Proceedings Article
Snort - Lightweight Intrusion Detection for Networks
Martin Roesch
- 12 Nov 1999
TL;DR: Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alerts system administrators when potentially hostile traffic is detected.
Anomaly-based network intrusion detection: Techniques, systems and challenges
TL;DR: The main challenges to be dealt with for the wide scale deployment of anomaly-based intrusion detectors, with special emphasis on assessment issues are outlined.
2K
A survey of network anomaly detection techniques
TL;DR: This paper presents an in-depth analysis of four major categories of anomaly detection techniques which include classification, statistical, information theory and clustering and evaluates effectiveness of different categories of techniques.
1.4K