Survey of learning methods in intrusion detection systems

An Intrusion Detection System (IDS) is an essential method to protect network security from incoming on-line threats. Machine learning automates the classification of network patterns. This paper reviews the learning and detection methods in IDS, discusses the problems with existing intrusion detection systems, and reviews the data reduction techniques used in IDS to deal with huge volumes of audit data. Finally, a conclusion and recommendation are included.
