Improving the Attack Detection Rate in Network Intrusion Detection using Adaboost Algorithm

Problem statement: Nowadays, the Internet plays an important role in communication between people. To ensure a secure communication between two parties, we need a security system to detect the attacks very effectively. Network intrusion detection serves as a major system to work with other security system to protect the computer networks. Approach: In this article, an Adaboost algorithm for network intrusion detection system with single weak classifier is proposed. The classifiers such as Bayes Net, Naive Bayes and Decision tree are used as weak classifiers. A benchmark data set is used in these experiments to demonstrate that boosting algorithm can greatly improve the classification accuracy of weak classification algorithms. Results: Our approach achieves a higher detection rate with low false alarm rates and is scalable for large data sets, resulting in an effective intrusion detection system. Conclusion: The Naive Bayes and Decision Tree Classifiers have comparatively better performance as a weak classifier with Adaboost, it should be considered for the building of IDS.

[1]  Siti Mariyam Shamsuddin,et al.  Ensemble classifiers for network intrusion detection system , 2009 .

[2]  Cheng Xiang,et al.  Design of Multiple-Level Hybrid Classifier for Intrusion Detection System , 2005, 2005 IEEE Workshop on Machine Learning for Signal Processing.

[3]  Mohammad Zulkernine,et al.  Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection , 2006, 2006 IEEE International Conference on Communications.

[4]  Nir Friedman,et al.  Bayesian Network Classifiers , 1997, Machine Learning.

[5]  Somnuk Phon-Amnuaisuk,et al.  A cascaded classifier approach for improving detection rates on rare attack categories in network intrusion detection , 2010, Applied Intelligence.

[6]  Mrudula Gudadhe,et al.  A new data mining based network Intrusion Detection model , 2010, 2010 International Conference on Computer and Communication Technology (ICCCT).

[7]  Yoav Freund,et al.  A decision-theoretic generalization of on-line learning and an application to boosting , 1997, EuroCOLT.

[8]  Gürsel Serpen,et al.  Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context , 2003, MLMTA.

[9]  A.N. Zincir-Heywood,et al.  On the capability of an SOM based intrusion detection system , 2003, Proceedings of the International Joint Conference on Neural Networks, 2003..

[10]  Xu Rongsheng,et al.  Modeling Intrusion Detection System by Discovering Association Rule in Rough Set Theory Framework , 2006, 2006 International Conference on Computational Inteligence for Modelling Control and Automation and International Conference on Intelligent Agents Web Technologies and International Commerce (CIMCA'06).

[11]  Petra Perner,et al.  Data Mining - Concepts and Techniques , 2002, Künstliche Intell..

[12]  Daniel T. Larose,et al.  Discovering Knowledge in Data: An Introduction to Data Mining , 2005 .

[13]  Kotagiri Ramamohanarao,et al.  Layered Approach Using Conditional Random Fields for Intrusion Detection , 2010, IEEE Transactions on Dependable and Secure Computing.

[14]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[15]  S. T. Sarasamma,et al.  Hierarchical Kohonenen net for anomaly detection in network security , 2005, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[16]  Na Li,et al.  An intrusion detection method based on decision tree , 2010, 2010 International Conference on E-Health Networking Digital Ecosystems and Technologies (EDT).

[17]  Chongzhao Han,et al.  A boosting approach for intrusion detection , 2007 .

[18]  Somnuk Phon-Amnuaisuk,et al.  Comparing Single and Multiple Bayesian Classifiers Approaches for Network Intrusion Detection , 2010, 2010 Second International Conference on Computer Engineering and Applications.

[19]  Fabio Roli,et al.  Fusion of multiple classifiers for intrusion detection in computer networks , 2003, Pattern Recognit. Lett..

[20]  Wei Hu,et al.  AdaBoost-Based Algorithm for Network Intrusion Detection , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[21]  Bernhard Pfahringer,et al.  Winning the KDD99 classification cup: bagged boosting , 2000, SKDD.

[22]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[23]  Yoav Freund,et al.  A decision-theoretic generalization of on-line learning and an application to boosting , 1995, EuroCOLT.