Abstract
The security of computer networks plays a strategic role in modern computer systems. In order to enforce high protection levels against threats, a number of software tools have been currently developed. Intrusion Detection Systems aim at detecting intruders who elude “first line” protection. In this paper, a pattern recognition approach to network intrusion detection based on the fusion of multiple classifiers is proposed. In particular, a modular Multiple Classifier architecture is designed, where each module detects intrusions against one of the services offered by the protected network. Each Multiple Classifier System fuses the information coming from different feature representations of the patterns of network traffic. The potentialities of classifier fusion for the development of effective intrusion detection systems are evaluated and discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Allen J., Christie A., Fithen W., McHugh J., Pickel J., Storner E., 2000. State of the Practice of Intrusion Detection Technologies. Tech. Rep. CMU/SEI-99-TR-028, Software Engineering Institute, Carnegie Mellon University.
Axelsson S., 2000. The Base-Rate Fallacy and the Difficulty of Intrusion Detection. ACM Trans. on Information and System Security 3(3), 186–205.
Bonifacio J.M., Cansian A.M., de Carvalho A.C.P.L.F., Moreira E.S., 1998. Neural Networks applied in intrusion detection systems. Proc. of the IEEE World congress on Comp. Intell. (WCCI’ 98).
Cannady J., 2000. An adaptive neural network approach to intrusion detection and response. PhD Thesis, School of Comp. and Inf. Sci., Nova Southeastern University.
Debar H., Becker M., Siboni D., 1992. A Neural Network Component for an Intrusion Detection System. Proc. of the IEEE Symp. on Research in Security and Privacy, Oakland, CA, USA, 240–250.
Elkan C., 2000. Results of the KDD’99 Classifier Learning. ACM SIGKDD Explorations 1, 63–64.
Ghosh A.K., Schwartzbard A., 1999. A Study in Using Neural Networks for Anomaly and Misuse Detection. Proc. of the USENIX Security Symposium, August 23–26, 1999, Washington, USA.
Giacinto G., Roli F., Bruzzone L.,2001. Combination of Neural and Statistical Algorithms for Supervised Classification of Remote-Sensing Images. Pattern Recognition Letters, 21(5), 385–397.
Giacinto G., Roli F., Didaci L., 2003. Fusion of multiple classifiers for intrusion detection in computer networks. Pattern Recognition Letters (in press).
Kittler J., Hatef M., Duin R.P.W., Matas J., 1998. On Combining Classifiers. IEEE Trans. on Pattern Analysis and Machine Intelligence 20(3), 226–229.
Kuncheva L.I., Bezdek J.C., Duin R.P.W., 2001. Decision Templates for Multiple Classifier Fusion. Pattern Recognition 34(2), 299–314.
Lee S.C., Heinbuch D.V., 2001. Training a Neural-Network Based Intrusion Detector to Recognize Novel Attacks. IEEE Trans. on Systems, Man, and Cybernetics Part A 31, 294–299.
Lee W., Stolfo S.J., 2000. A framework for constructing features and models for intrusion detection systems. ACM Trans. on Inform. and System Security 3(4), 227–261.
McHugh J., Christie A., Allen J., 2000. Defending Yourself: The Role of Intrusion Detection Systems. IEEE Software, Sept./Oct. 2000, 42–51.
Northcutt S., Cooper M., Fearnow M., Frederick K., 2001. Intrusion Signatures and Analysis. New Riders Pub.
Northcutt S., Novak J., 2001. Network Intrusion Detection (2nd ed). New Riders Pub.
Proctor P.E., 2001. The Practical Intrusion Detection Handbook. Prentice Hall.
Roli F., Fumera G., 2002. Analysis of Linear and Order Statistics Combiners for Fusion of Imbalanced Classifiers. Multiple Classifier Systems, Roli and Kittler, Eds. Springer-Verlag, Lecture Notes in Computer Science, vol. 2364, 252–261.
Ryan J., Lin M.J., Miikkulainen R., 1998. Intrusion Detection with Neural Networks. In: Advances in Neural Information Processing Systems 10, M. Jordan et al., Eds., Cambridge, MA: MIT Press, 943–949.
Sharkey A.J.C., 1999. Combining Artificial Neural Nets. Springer.
Xu L., Krzyzak A., Suen C.Y., 1992. Methods for combining multiple classifiers and their applications to handwriting recognition. IEEE Trans. Systems, Man and Cybernetics 22, 418–435.
Yeung D.-J., Ding Y., 2003. Host-based intrusion detection using dynamic and static behavioral models. Patter Recognition 36, 229–243.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Giacinto, G., Roli, F., Didaci, L. (2003). A Modular Multiple Classifier System for the Detection of Intrusions in Computer Networks. In: Windeatt, T., Roli, F. (eds) Multiple Classifier Systems. MCS 2003. Lecture Notes in Computer Science, vol 2709. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44938-8_35
Download citation
DOI: https://doi.org/10.1007/3-540-44938-8_35
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40369-2
Online ISBN: 978-3-540-44938-6
eBook Packages: Springer Book Archive