DAREnsemble: Decision Tree and Rule Learner Based Ensemble for Network Intrusion Detection System

An intrusion detection system is a network security application that detects anomalies and attackers, so there is a need to devise and develop robust and reliable intrusion detection systems. Different machine learning techniques have been used to implement intrusion detection systems, and recently ensembles of different classifiers have been widely used for this purpose. In an ensemble method, selecting appropriate base classifiers is a very important step. This paper discusses the issues of base classifier selection. The main goal of this experimental work is to find appropriate base classifiers for an ensemble classifier. The best set of base classifiers and the best combination rules are identified to build the ensemble classifier. A new architecture, DAREnsemble, is proposed for intrusion detection systems; it consists of unstable base classifiers. DAREnsemble is formulated by combining the advantages of rule learners and decision trees. The performance of the proposed ensemble-based classifier is evaluated in terms of false positives, root mean squared error and classification accuracy. The experimental results show that the proposed ensemble classifier exhibits the lowest false positive rate with higher classification accuracy, at the expense of model building time and increased complexity.
