A hybrid intelligent approach for network intrusion detection

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F61989100%3A27240%2F12%3A86092952" target="_blank" >RIV/61989100:27240/12:86092952 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1016/j.proeng.2012.01.827" target="_blank" >http://dx.doi.org/10.1016/j.proeng.2012.01.827</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.proeng.2012.01.827" target="_blank" >10.1016/j.proeng.2012.01.827</a>

Jazyk výsledku

angličtina

Název v původním jazyce

A hybrid intelligent approach for network intrusion detection

Popis výsledku v původním jazyce

Intrusion detection is an emerging area of research in the computer security and networks with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behaviour or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper, we propose to use a hybrid intelligent approach using combination of classifiers in order to make the decision intelligently, so that the overall performance of the resultant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or clusterer first on the whole training dataset and then the output is applied to another classifier to classify the data. We use 2-class classification strategy along with 10-fold cross validation method to produce the final classification results in terms of normal or intrusion. Experimental results on NSL-KDD dataset, an improved version of KDDCup 1999 dataset show that our proposed approach is efficient with high detection rate and low false alarm rate.

Název v anglickém jazyce

A hybrid intelligent approach for network intrusion detection

Popis výsledku anglicky

Intrusion detection is an emerging area of research in the computer security and networks with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behaviour or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper, we propose to use a hybrid intelligent approach using combination of classifiers in order to make the decision intelligently, so that the overall performance of the resultant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or clusterer first on the whole training dataset and then the output is applied to another classifier to classify the data. We use 2-class classification strategy along with 10-fold cross validation method to produce the final classification results in terms of normal or intrusion. Experimental results on NSL-KDD dataset, an improved version of KDDCup 1999 dataset show that our proposed approach is efficient with high detection rate and low false alarm rate.

Druh

D - Stať ve sborníku

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2012

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Procedia Engineering. Volume 30

ISBN

—

ISSN

1877-7058

e-ISSN

—

Počet stran výsledku

9

Strana od-do

1-9

Název nakladatele

Elsevier

Místo vydání

Amsterdam

Místo konání akce

Coimbatore

Datum konání akce

7. 12. 2011

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000314170600001