Skip to main content
SpringerLink
Log in

Multiple Classifier System with Feature Grouping for Intrusion Detection: Mutual Information Approach

  • Conference paper
Knowledge-Based Intelligent Information and Engineering Systems (KES 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3683))

Abstract

The information security of computer networks has become a serious global issue and also a hot topic in computer networking researches. Many approaches have been proposed to tackle these problems, especially the denial of service (DoS) attacks. The Multiple Classifier System (MCS) is one of the approaches that have been adopted in the detection of DoS attacks recently. For a MCS to perform better than a single classifier, it is crucial for the base classifiers which embedded in the MCS to be diverse. Both resampling, e.g. bagging, and feature grouping could promote diversity of base classifiers. In this paper, we propose an approach to select the reduced feature group for each of the base classifiers in the MCS based on the mutual information between the features and class labels. The base classifiers being combined using the weighted sum is examined in this paper. Different feature grouping methods are evaluated theoretically and experimentally.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Xu, L., Krzyzak, A., Suen, C.Y.: Methods for combining multiple classifiers and their applications to handwriting recognition. IEEE Trans. SMC 22, 418–435 (1992)

    Google Scholar 

  2. Kittler, J., Hatef, M., Duin, R.P.W., Matas, J.: On Combining Classifiers. IEEE Trans. On Pattern Analysis and Machine Intelligence 20, 226–239 (1998)

    Article  Google Scholar 

  3. Giorgio, G., Fabio, R., Luca, D.: Fusion of multiple classifiers for intrusion detection in computer networks. Pattern Recognition Letters 24, 1795–1803 (2003)

    Article  Google Scholar 

  4. Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion detection using an ensemble of intelligent paradigms. Journal of Network and Computer applications (2004)

    Google Scholar 

  5. Hanson, L., Salamon, P.: Neural Network Ensembles. IEEE Transactions on pattern analysis and machine intelligence (1990)

    Google Scholar 

  6. Oza, N.C., Tumer, K.: Input Decimation Ensembles: Decorrelation through Dimensinality Reduction. In: Kittler, J., Roli, F. (eds.) MCS 2001. LNCS, vol. 2096, pp. 238–247. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  7. Tumer, K., Ghosh, J.: Classifier combining: analytical results and implications. In: Working notes from the Workshop ‘Integrating Multiple Learned Models’, 13th National Conference on Artificial Intelligence, Protland, Oregon (August 1996)

    Google Scholar 

  8. Ho, T.K.: The random subspace method for constructing decision forests. IEEE Transactions on pattern analysis and machine intelligence (1998)

    Google Scholar 

  9. Bryll, R., Gutierrez-Osuna, R., Quek, F.: Attribute bagging: improving accuracy of classifier ensembles by using random feature subsets. Pattern recognition (2003)

    Google Scholar 

  10. Kuncheva, L.I.: Genetic algorithm for feature selection for parallel classifiers. Information Processing Letters 46, 163–168 (1993)

    Article  MATH  Google Scholar 

  11. Ho, T.H., Hull, J.J., Srihari, S.N.: Decision Combination in Multiple Classifier System. IEEE Trans. PAMI 16 Pt. 1, 66–75 (1994)

    Google Scholar 

  12. Yager, R.R., Kacprzyk, J. (eds.): The Ordered Weighted Averaging Operators. Kluwer Academic Publishers, Dordrecht (1997)

    MATH  Google Scholar 

  13. Ng, W.W.Y., Chan, A.P.F., Yeung, D.S., Tsang, E.C.C.: Quantitative Study on the Generalization Error of Multiple Classifier Systems. Submitted to IC-SMC (2005)

    Google Scholar 

  14. Battiti, R.: Using Mutual Information for Selecting Features in Supervised Neural Net Learning. IEEE Transactions on neural networks 5(4) (July 1994)

    Google Scholar 

  15. Axelsson, S.: The base-rate fallacy and the difficulty of intrusion detection. ACM Trans. Information Syst. Security 3(3), 186–205 (2000)

    Article  MathSciNet  Google Scholar 

  16. Proctor, P.E.: The Practical Intrusion Detection Handbook. Prentice-Hall, Englewood Cliffs (2001)

    Google Scholar 

  17. Kumar, S., Spafford, E.: A pattern matching model for misuse intrusion detection. In: Proceedings of the 17th National Computer Security Conference (1994b)

    Google Scholar 

  18. Lee, W., Stolfo, S.J.: Data mining approaches for intrusion detection. In: Proceedings of the seventh USENIX Security Symposium (1998)

    Google Scholar 

  19. Schapire, R.: The strength of weak learnability. Machine Learning, 197-227 (1990)

    Google Scholar 

  20. Verwoerd, T., Hunt, R.: Intrusion detection techniques and approaches. Computer communications, 1356–1365 (2002)

    Google Scholar 

  21. Ng, W.W.Y., Chang, R.K.C., Yeung, D.S.: Dimensionality Reduction for Denial of Service Detection Problems Using RBFNN Output Sensitivity. In: Proc. on International Conference of Machine Learning and Cybernetics, pp. 1298–1298 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computing, The Hong Kong Polytechnic University, China, Hong Kong

    Aki P. F. Chan, Wing W. Y. Ng, Daniel S. Yeung & Eric C. C. Tsang

Authors
  1. Aki P. F. Chan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wing W. Y. Ng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel S. Yeung
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Eric C. C. Tsang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Business, La Trobe University, 3086, Melbourne, Victoria, Australia

    Rajiv Khosla

  2. Centre for SMART systems Engineering Research Centre, University of Brighton, BN2 4GJ, Moulsecoomb, Brighton, UK

    Robert J. Howlett

  3. School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, 5095, Mawson Lakes, SA, Australia

    Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chan, A.P.F., Ng, W.W.Y., Yeung, D.S., Tsang, E.C.C. (2005). Multiple Classifier System with Feature Grouping for Intrusion Detection: Mutual Information Approach. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2005. Lecture Notes in Computer Science(), vol 3683. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11553939_21

Download citation

  • DOI: https://doi.org/10.1007/11553939_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28896-1

  • Online ISBN: 978-3-540-31990-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation