Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Multiple Classifier Systems

MCS 2003: Multiple Classifier Systems pp 346–355Cite as

A Modular Multiple Classifier System for the Detection of Intrusions in Computer Networks

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2709))

Abstract

The security of computer networks plays a strategic role in modern computer systems. In order to enforce high protection levels against threats, a number of software tools have been currently developed. Intrusion Detection Systems aim at detecting intruders who elude “first line” protection. In this paper, a pattern recognition approach to network intrusion detection based on the fusion of multiple classifiers is proposed. In particular, a modular Multiple Classifier architecture is designed, where each module detects intrusions against one of the services offered by the protected network. Each Multiple Classifier System fuses the information coming from different feature representations of the patterns of network traffic. The potentialities of classifier fusion for the development of effective intrusion detection systems are evaluated and discussed.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  • Allen J., Christie A., Fithen W., McHugh J., Pickel J., Storner E., 2000. State of the Practice of Intrusion Detection Technologies. Tech. Rep. CMU/SEI-99-TR-028, Software Engineering Institute, Carnegie Mellon University.

    Google Scholar 

  • Axelsson S., 2000. The Base-Rate Fallacy and the Difficulty of Intrusion Detection. ACM Trans. on Information and System Security 3(3), 186–205.

    Article  MathSciNet  Google Scholar 

  • Bonifacio J.M., Cansian A.M., de Carvalho A.C.P.L.F., Moreira E.S., 1998. Neural Networks applied in intrusion detection systems. Proc. of the IEEE World congress on Comp. Intell. (WCCI’ 98).

    Google Scholar 

  • Cannady J., 2000. An adaptive neural network approach to intrusion detection and response. PhD Thesis, School of Comp. and Inf. Sci., Nova Southeastern University.

    Google Scholar 

  • Debar H., Becker M., Siboni D., 1992. A Neural Network Component for an Intrusion Detection System. Proc. of the IEEE Symp. on Research in Security and Privacy, Oakland, CA, USA, 240–250.

    Google Scholar 

  • Elkan C., 2000. Results of the KDD’99 Classifier Learning. ACM SIGKDD Explorations 1, 63–64.

    Article  Google Scholar 

  • Ghosh A.K., Schwartzbard A., 1999. A Study in Using Neural Networks for Anomaly and Misuse Detection. Proc. of the USENIX Security Symposium, August 23–26, 1999, Washington, USA.

    Google Scholar 

  • Giacinto G., Roli F., Bruzzone L.,2001. Combination of Neural and Statistical Algorithms for Supervised Classification of Remote-Sensing Images. Pattern Recognition Letters, 21(5), 385–397.

    Article  Google Scholar 

  • Giacinto G., Roli F., Didaci L., 2003. Fusion of multiple classifiers for intrusion detection in computer networks. Pattern Recognition Letters (in press).

    Google Scholar 

  • Kittler J., Hatef M., Duin R.P.W., Matas J., 1998. On Combining Classifiers. IEEE Trans. on Pattern Analysis and Machine Intelligence 20(3), 226–229.

    Article  Google Scholar 

  • Kuncheva L.I., Bezdek J.C., Duin R.P.W., 2001. Decision Templates for Multiple Classifier Fusion. Pattern Recognition 34(2), 299–314.

    Article  MATH  Google Scholar 

  • Lee S.C., Heinbuch D.V., 2001. Training a Neural-Network Based Intrusion Detector to Recognize Novel Attacks. IEEE Trans. on Systems, Man, and Cybernetics Part A 31, 294–299.

    Article  Google Scholar 

  • Lee W., Stolfo S.J., 2000. A framework for constructing features and models for intrusion detection systems. ACM Trans. on Inform. and System Security 3(4), 227–261.

    Article  Google Scholar 

  • McHugh J., Christie A., Allen J., 2000. Defending Yourself: The Role of Intrusion Detection Systems. IEEE Software, Sept./Oct. 2000, 42–51.

    Google Scholar 

  • Northcutt S., Cooper M., Fearnow M., Frederick K., 2001. Intrusion Signatures and Analysis. New Riders Pub.

    Google Scholar 

  • Northcutt S., Novak J., 2001. Network Intrusion Detection (2nd ed). New Riders Pub.

    Google Scholar 

  • Proctor P.E., 2001. The Practical Intrusion Detection Handbook. Prentice Hall.

    Google Scholar 

  • Roli F., Fumera G., 2002. Analysis of Linear and Order Statistics Combiners for Fusion of Imbalanced Classifiers. Multiple Classifier Systems, Roli and Kittler, Eds. Springer-Verlag, Lecture Notes in Computer Science, vol. 2364, 252–261.

    Chapter  Google Scholar 

  • Ryan J., Lin M.J., Miikkulainen R., 1998. Intrusion Detection with Neural Networks. In: Advances in Neural Information Processing Systems 10, M. Jordan et al., Eds., Cambridge, MA: MIT Press, 943–949.

    Google Scholar 

  • Sharkey A.J.C., 1999. Combining Artificial Neural Nets. Springer.

    Google Scholar 

  • Xu L., Krzyzak A., Suen C.Y., 1992. Methods for combining multiple classifiers and their applications to handwriting recognition. IEEE Trans. Systems, Man and Cybernetics 22, 418–435.

    Article  Google Scholar 

  • Yeung D.-J., Ding Y., 2003. Host-based intrusion detection using dynamic and static behavioral models. Patter Recognition 36, 229–243.

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Electronic Engineering, University of Cagliari, Italy, Piazza D’Armi, 09123, Cagliari, Italy

    Giorgio Giacinto, Fabio Roli & Luca Didaci

Authors
  1. Giorgio Giacinto
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabio Roli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Luca Didaci
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Centre for Vision, Speech and Signal Processing, University of Surrey, Guildford, Surrey, GU2 7XH, UK

    Terry Windeatt

  2. Dept. of Electrical and Electronic Engineering, University of Cagliari, Piazza D’Ami, 09123, Cagliari, Italy

    Fabio Roli

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Giacinto, G., Roli, F., Didaci, L. (2003). A Modular Multiple Classifier System for the Detection of Intrusions in Computer Networks. In: Windeatt, T., Roli, F. (eds) Multiple Classifier Systems. MCS 2003. Lecture Notes in Computer Science, vol 2709. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44938-8_35

Download citation

  • DOI: https://doi.org/10.1007/3-540-44938-8_35

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40369-2

  • Online ISBN: 978-3-540-44938-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation