A Distributed Intrusion Detection Framework Based on Evolved Specialized Ensembles of Classifiers

Authors: Gianluigi Folino, Francesco Sergio Pisani, Pietro Sabatino

DOI: 10.1007/978-3-319-31204-0_21

Abstract: Modern intrusion detection systems must handle many complicated issues in real-time, as they have to cope with a real data stream; indeed, for the task of classification, typically the classes are unbalanced and, in addition, they have to cope with distributed attacks and quickly react to changes in the data. Data mining techniques and, in particular, ensembles of classifiers permit to combine different classifiers that together provide complementary information and can be built in an incremental way. This paper introduces the architecture of a framework and a detector module based on a meta-ensemble, which is used for the problem of detecting intrusions, in which the number of attacks is minor than that of normal connections. To this aim, we explore the usage of ensembles specialized to detect particular types of attack or normal connections, and Genetic Programming is adopted to generate a non-trainable function to combine each ensemble. Non-trainable functions can be evolved without any extra phase of training and are, therefore, particularly apt to handle concept drifts, also in the case of real-time constraints. Preliminary experiments, conducted on the well-known KDD dataset and on a more up-to-date dataset, ISCX IDS, show the effectiveness of the approach.
