Meta Learning Intrusion Detection in Real Time Network

  • Conference paper
Artificial Neural Networks – ICANN 2007 (ICANN 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4668)

Abstract

The rapid increase in connectivity and accessibility of computer systems over the internet has resulted in frequent opportunities for intrusions and attacks, making network intrusion detection a crucial issue for computer system security. Methods based on hand-coded rule sets are laborious to build and not very reliable. This problem has led to increasing interest in intrusion detection techniques based on machine learning or data mining. However, traditional data-mining-based intrusion detection systems use a single classifier in their detection engines. In this paper, we propose a meta-learning-based method for intrusion detection by MultiBoosting multiple classifiers. MultiBoosting forms decision committees by combining AdaBoost with wagging. It is able to harness both AdaBoost’s high bias and variance reduction and wagging’s superior variance reduction. Experimental results show that MultiBoosting can improve the detection performance of state-of-the-art machine-learning-based intrusion detection techniques. Furthermore, we present a Symmetrical Uncertainty (SU) based method for reducing network connection features to make MultiBoosting more efficient in a real-time network environment while keeping detection performance undiminished and, in some cases, even further improved.
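The SU-based feature reduction mentioned in the abstract can be illustrated with the following added example, which is not code from the paper. It uses the standard definition SU(X, Y) = 2 · IG(X; Y) / (H(X) + H(Y)) on discrete features; the connection records, field names, labels and the cut-off threshold are constructed assumptions, since the paper's own selection procedure is not shown on this page.

```python
import math
from collections import Counter

def entropy(values):
    """Shannon entropy H(X) in bits of a sequence of discrete values."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

def symmetrical_uncertainty(xs, ys):
    """SU(X, Y) = 2 * IG(X; Y) / (H(X) + H(Y)), a value in [0, 1]."""
    hx, hy = entropy(xs), entropy(ys)
    if hx + hy == 0:                      # both constant: nothing to learn
        return 0.0
    hxy = entropy(list(zip(xs, ys)))      # joint entropy H(X, Y)
    gain = hx + hy - hxy                  # information gain IG(X; Y)
    return 2.0 * gain / (hx + hy)

def rank_features(records, feature_names, label_key, threshold=0.0):
    """Score each feature against the class label and keep those with
    SU above the threshold (an assumed cut-off), highest first."""
    labels = [r[label_key] for r in records]
    scored = [(f, symmetrical_uncertainty([r[f] for r in records], labels))
              for f in feature_names]
    return sorted((s for s in scored if s[1] > threshold),
                  key=lambda s: s[1], reverse=True)

# Constructed sample: eight connection records with hypothetical field names.
FIELDS = ("protocol_type", "service", "flag", "land", "label")
ROWS = [
    ("tcp", "http",    "SF", 0, "normal"),
    ("tcp", "http",    "SF", 0, "normal"),
    ("udp", "http",    "SF", 0, "normal"),
    ("udp", "smtp",    "SF", 0, "normal"),
    ("tcp", "http",    "S0", 0, "attack"),
    ("tcp", "private", "S0", 0, "attack"),
    ("udp", "private", "S0", 0, "attack"),
    ("udp", "private", "S0", 0, "attack"),
]
RECORDS = [dict(zip(FIELDS, row)) for row in ROWS]

if __name__ == "__main__":
    for name, su in rank_features(RECORDS, FIELDS[:-1], "label"):
        print(f"{name:15s} SU={su:.3f}")
```

Continuous connection features would need to be discretised before scoring; the sample uses only categorical fields so that step is left out.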




Editor information

Joaquim Marques de Sá, Luís A. Alexandre, Włodzisław Duch, Danilo Mandic


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bie, R., Jin, X., Chen, C., Xu, C., Huang, R. (2007). Meta Learning Intrusion Detection in Real Time Network. In: de Sá, J.M., Alexandre, L.A., Duch, W., Mandic, D. (eds) Artificial Neural Networks – ICANN 2007. ICANN 2007. Lecture Notes in Computer Science, vol 4668. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74690-4_82


  • DOI: https://doi.org/10.1007/978-3-540-74690-4_82

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74689-8

  • Online ISBN: 978-3-540-74690-4

  • eBook Packages: Computer Science (R0)
