Skip to main content
Springer Nature Link
Log in

Hierarchical Core Vector Machines for Network Intrusion Detection

  • Conference paper
Neural Information Processing (ICONIP 2009)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 5864))

Included in the following conference series:

Abstract

For labelling network intrusions as they state hierarchical multi-label structure, we develop a hierarchical core vector machines (HCVM) algorithm for high-speed network intrusion detection via hierarchical multi-label classification of network data. HCVM models a multi-label hierarchy into a data Hyper-Sphere constructed by numbers of core vector machines (CVM). As the CVMs in an HCVM are separating, encompassing and overlapping with each other, which forms naturally a tree structure representing the multi-label hierarchy encoded. Provided an unlabelled sample, the HCVM seeks a CVM enclosing the sample, and multiply label the sample according to the MEB’s position in the hierarchy. The proposed HCVM method has been examined on KDD’99 and the result shows that the proposed HCVM has significant improvement over previously published benchmark works. HCVM improves U2R accuracy from 13.2% to 82.7% and R2L from 8.4% to 45.9%, as compared to the winner of KDD’99. In particular, the efficiency of HCVM is highlighted, as the computational time stays steady while the size of training data exponentially manifolds.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Chirita, P.A., Diederich, J., Nejdl, W.: Mailrank: using ranking for spam detection. In: CIKM 2005: Proceedings of the 14th ACM international conference on Information and knowledge management, pp. 373–380. ACM, New York (2005)

    Chapter  Google Scholar 

  2. Ye, N., Chen, Q.: An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. International 17, 105–112 (2001)

    Google Scholar 

  3. Mukkamala, S., Sung, A.H.: Identifying significant features for network forensic analysis using artificial intelligent techniques. Intl. Journal of Digital Evidence 1, 2003 (2003)

    Google Scholar 

  4. Frank, J., Mda-c, N.U.: Artificial intelligence and intrusion detection: Current and future directions. In: Proceedings of the 17th National Computer Security Conference (1994)

    Google Scholar 

  5. Panda, M., Patra, M.R.: Network intrusion detection using naive bayes. International journal of computer science and network security, 258–263 (2007)

    Google Scholar 

  6. Staff, C.: Hackers: companies encounter rise of cyber extortion. Computer Crime Research Center 2006 (2005)

    Google Scholar 

  7. CSI, FBI: Proceedings of the 10th annual computer crime and security survey, vol. 10, pp. 1–23 (2005)

    Google Scholar 

  8. Tsoumakas, G., Katakis, I.: Multi-label classification: An overview. International Journal of Data Warehousing and Mining 3(3), 1–12 (2007)

    Google Scholar 

  9. Boutell, M.R.: Learning multi-label scene classification. Pattern Recognition 37(9), 1757–1771 (2004)

    Article  Google Scholar 

  10. Welzl, E.: Smallest enclosing disks (balls and ellipsoids). In: Maurer, H.A. (ed.) New Results and New Trends in Computer Science. LNCS, vol. 555, pp. 359–370. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  11. Badoiu, M., Clarkson, K.: Optimal core sets for balls. In: DIMACS Workshop on Computational Geometry (2002)

    Google Scholar 

  12. Kumar, P., Mitchell, J.S.B., Yildirim, E.A.: Approximate minimum enclosing balls in high dimensions using core-sets. J. Exp. Algorithmics 8, 1.1 (2003)

    Article  MathSciNet  Google Scholar 

  13. Tsang, I.W., Kwok, J.T., Cheung, P.-M.: Core vector machines: Fast svm training on very large data sets. Journal of Machine Learning Research 6, 363–392 (2005)

    MathSciNet  Google Scholar 

  14. Hendrik, B., Leander, S., Jan, S., Amanda, C.: Decision trees for hierarchical multilabel classification: A case study in functional genomics. Journal of Machine Learning Research 4213, 18–29 (2006)

    Google Scholar 

  15. KDD 1999 (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

Download references

Author information

Authors and Affiliations

  1. Knowledge Engineering & Discover Research Institute, Auckland University of Technology, Private Bag 92006, Auckland, 1020, New Zealand

    Ye Chen, Shaoning Pang & Nikola Kasabov

  2. Information Security Research Center, National Institute of Information and Communications Technology, Tokyo, 184-8795, Japan

    Tao Ban & Youki Kadobayashi

Authors
  1. Ye Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shaoning Pang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nikola Kasabov
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tao Ban
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Youki Kadobayashi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electronic Engineering, City University of Hong Kong, Hong Kong,  

    Chi Sing Leung

  2. School of Electrical Engineering and Computer Science, Kyungpook National University, 1370 Sankyuk-Dong, Puk-Gu, 702-701, Taegu, Korea

    Minho Lee

  3. School of Information Technology, King Mongkut’s University of Technology Thonburi, 126 Pracha-U-Thit Rd., Bangmod, Thungkru, 10140, Bangkok, Thailand

    Jonathan H. Chan

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, Y., Pang, S., Kasabov, N., Ban, T., Kadobayashi, Y. (2009). Hierarchical Core Vector Machines for Network Intrusion Detection. In: Leung, C.S., Lee, M., Chan, J.H. (eds) Neural Information Processing. ICONIP 2009. Lecture Notes in Computer Science, vol 5864. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10684-2_58

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10684-2_58

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10682-8

  • Online ISBN: 978-3-642-10684-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics