Neural networks vs. decision trees for intrusion detection

Signature-based intrusion detection systems cannot detect new attacks, yet they are the most widely used and developed systems. Current anomaly-based intrusion detection systems are also unable to detect all kinds of new attacks because they are designed for restricted applications in limited environments. Hackers are now using new attacks whose devastating results against information systems can be prevented neither by preventive techniques, which are mainly based on access control, nor by current intrusion detection systems. We enhance the notion of anomaly detection and use both neural networks and decision trees for intrusion detection. Since these techniques are mainly applicable to misuse detection, we apply our anomaly detection enhancement and improve these techniques for anomaly detection. Experimental results demonstrate that while neural networks are highly successful in detecting known attacks, decision trees are more interesting for detecting new attacks. The proposed methods outperform previous work in detecting both known and new attacks.
