A Cybersecurity Framework for Classifying Non Stationary Data Streams Exploiting Genetic Programming and Ensemble Learning

Folino, Gianluigi; Pisani, Francesco Sergio; Pontieri, Luigi

doi:10.1007/978-3-030-39081-5_24

A Cybersecurity Framework for Classifying Non Stationary Data Streams Exploiting Genetic Programming and Ensemble Learning

Conference paper
First Online: 14 February 2020

1045 Accesses
1 Citations
3 Altmetric

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11973))

Abstract

Intrusion detection systems have to cope with many challenging problems, such as unbalanced datasets, fast data streams and frequent changes in the nature of the attacks (concept drift). To this aim, here, a distributed genetic programming (GP) tool is used to generate the combiner function of an ensemble; this tool does not need a heavy additional training phase, once the classifiers composing the ensemble have been trained, and it can hence answer quickly to concept drifts, also in the case of fast-changing data streams. The above-described approach is integrated into a novel cybersecurity framework for classifying non stationary and unbalanced data streams. The framework provides mechanisms for detecting drifts and for replacing classifiers, which permits to build the ensemble in an incremental way. Tests conducted on real data have shown that the framework is effective in both detecting attacks and reacting quickly to concept drifts.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

1.
http://www.cs.waikato.ac.nz/ml/weka.

References

Bifet, A., Gavalda, R.: Learning from time-changing data with adaptive windowing. In: SDM, vol. 7, pp. 443–448. SIAM (2007)
Google Scholar
Costa, V.S., Farias, A.D.S., Bedregal, B., Santiago, R.H., Canuto, A.M.P.: Combining multiple algorithms in classifier ensembles using generalized mixture functions. Neurocomputing 313, 402–414 (2018)
Article Google Scholar
Cruz, R.M., Sabourin, R., Cavalcanti, G.D.: Dynamic classifier selection: recent advances and perspectives. Inf. Fusion 41, 195–216 (2018)
Article Google Scholar
Folino, G., Pizzuti, C., Spezzano, G.: A scalable cellular implementation of parallel genetic programming. IEEE Trans. Evol. Comput. 7(1), 37–53 (2003)
Article Google Scholar
Folino, G., Pisani, F.S.: Combining ensemble of classifiers by using genetic programming for cyber security applications. In: Mora, A.M., Squillero, G. (eds.) EvoApplications 2015. LNCS, vol. 9028, pp. 54–66. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16549-3_5
Chapter Google Scholar
Folino, G., Pisani, F.S., Sabatino, P.: A distributed intrusion detection framework based on evolved specialized ensembles of classifiers. In: Squillero, G., Burelli, P. (eds.) EvoApplications 2016. LNCS, vol. 9597, pp. 315–331. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31204-0_21
Chapter Google Scholar
Folino, G., Pisani, F.S., Sabatino, P.: An incremental ensemble evolved by using genetic programming to efficiently detect drifts in cyber security datasets. In: Genetic and Evolutionary Computation Conference, Companion Material Proceedings, GECCO 2016, Denver, CO, USA, 20–24 July 2016, pp. 1103–1110 (2016)
Google Scholar
Gama, J., Žliobaitė, I., Bifet, A., Pechenizkiy, M., Bouchachia, A.: A survey on concept drift adaptation. ACM Comput. Surv. (CSUR) 46(4), 44 (2014)
Article Google Scholar
Gonçalves Jr., P.M., de Carvalho Santos, S.G., Barros, R.S., Vieira, D.C.: A comparative study on concept drift detectors. Expert Syst. Appl. 41(18), 8144–8156 (2014)
Article Google Scholar
Masoudnia, S., Ebrahimpour, R.: Mixture of experts: a literature survey. Artif. Intell. Rev. 42(2), 275–293 (2014)
Article Google Scholar
Micenková, B., McWilliams, B., Assent, I.: Learning outlier ensembles: the best of both worlds-supervised and unsupervised. In: ACM SIGKDD 2014 Workshop ODD2 (2014)
Google Scholar
Shiravi, A., Shiravi, H., Tavallaee, M., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)
Article Google Scholar

Download references

Author information

Authors and Affiliations

ICAR-CNR, Rende, CS, Italy
Gianluigi Folino, Francesco Sergio Pisani & Luigi Pontieri

Authors

Gianluigi Folino
View author publications
You can also search for this author in PubMed Google Scholar
Francesco Sergio Pisani
View author publications
You can also search for this author in PubMed Google Scholar
Luigi Pontieri
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gianluigi Folino .

Editor information

Editors and Affiliations

University of Calabria, Rende, Italy
Yaroslav D. Sergeyev
University of Calabria, Rende, Italy
Dmitri E. Kvasov

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Folino, G., Pisani, F.S., Pontieri, L. (2020). A Cybersecurity Framework for Classifying Non Stationary Data Streams Exploiting Genetic Programming and Ensemble Learning. In: Sergeyev, Y., Kvasov, D. (eds) Numerical Computations: Theory and Algorithms. NUMTA 2019. Lecture Notes in Computer Science(), vol 11973. Springer, Cham. https://doi.org/10.1007/978-3-030-39081-5_24

Download citation

DOI: https://doi.org/10.1007/978-3-030-39081-5_24
Published: 14 February 2020
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39080-8
Online ISBN: 978-3-030-39081-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics