Artificial intelligence based ensemble approach for intrusion detection systems

Abstract: Internet attacks pose a severe threat to most online resources and are a prime concern of security administrators. Despite many efforts, existing security techniques are unable to detect intrusions accurately. Most methods suffer from a high false positive rate and a low detection rate, and provide a single solution that lacks classification trade-offs. In this work, an effective two-stage method is proposed that produces a pool of non-dominated (Pareto optimal) solutions as base models, and ensembles of them, for detecting intrusions accurately. In stage 1, it generates Pareto optimal solutions to a chromosome structure, formulating a Pareto front. In stage 2, another approximation to the Pareto front of optimal solutions is made to obtain non-dominated ensembles. The final ensemble predictions are computed from the individual predictions using majority voting. The applicability of the suggested method is validated on the NSL-KDD benchmark dataset. The experimental results show that the recommended method provides better results than conventional ensemble techniques. The method also generates Pareto optimal solutions that improve detection accuracy for minority as well as majority attack classes while handling the classification trade-off problem. The proposed method achieved a detection accuracy of 97% with a false positive rate (FPR) of 2% on the KDD dataset. Its most attractive feature is that both the generation of base classifiers and the construction of their ensembles are multi-objective in nature, addressing the issues of low detection accuracy and classification trade-offs.
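
The selection-and-voting idea in the abstract can be illustrated with a short added example, which is not code from the paper: it keeps only the non-dominated base classifiers and combines them by majority vote. The two objectives (maximise detection rate, minimise FPR), the binary labels, the classifier names and all data are assumptions constructed for illustration; the genetic search that would generate the candidates and the second-stage search over ensembles are not implemented.

```python
from collections import Counter

# Constructed sample: 10 records, 1 = attack, 0 = normal.
LABELS = [1, 1, 1, 1, 0, 0, 0, 0, 0, 0]
# Constructed predictions of five hypothetical stage-1 base classifiers.
CANDIDATES = {
    "m1": [1, 1, 0, 0, 0, 0, 0, 0, 0, 0],
    "m2": [1, 0, 1, 1, 1, 0, 0, 0, 0, 0],
    "m3": [1, 1, 1, 1, 0, 1, 1, 0, 0, 0],
    "m4": [0, 0, 1, 1, 0, 0, 0, 1, 0, 0],
    "m5": [1, 1, 1, 0, 1, 1, 0, 0, 0, 0],
}

def metrics(preds, labels):
    """Return (detection_rate, false_positive_rate) for binary labels."""
    tp = sum(1 for p, y in zip(preds, labels) if p == 1 and y == 1)
    fp = sum(1 for p, y in zip(preds, labels) if p == 1 and y == 0)
    attacks = sum(labels)
    return tp / attacks, fp / (len(labels) - attacks)

def dominates(a, b):
    """a dominates b: no worse on both objectives, strictly better on one."""
    return a[0] >= b[0] and a[1] <= b[1] and (a[0] > b[0] or a[1] < b[1])

def pareto_front(scored):
    """Names of the solutions that no other solution dominates."""
    return sorted(n for n, s in scored.items()
                  if not any(dominates(t, s) for m, t in scored.items() if m != n))

def majority_vote(pred_lists):
    """Per-record majority label; ties go to the higher label (assumption)."""
    out = []
    for votes in zip(*pred_lists):
        counts = Counter(votes)
        out.append(max(sorted(counts, reverse=True), key=counts.get))
    return out

def build_ensemble(candidates, labels):
    """Score candidates, keep the Pareto front, vote, and score the ensemble."""
    scored = {n: metrics(p, labels) for n, p in candidates.items()}
    front = pareto_front(scored)
    combined = majority_vote([candidates[n] for n in front])
    return front, combined, metrics(combined, labels)

if __name__ == "__main__":
    front, combined, (dr, fpr) = build_ensemble(CANDIDATES, LABELS)
    print("front:", front, "ensemble DR:", dr, "ensemble FPR:", fpr)
```

Selection and scoring here use the same ten records for brevity; scoring the ensemble on held-out data avoids an optimistic estimate.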
