论文信息 - A Binary-Classification Method Based on Dictionary Learning and ADMM for Network Intrusion Detection

A Binary-Classification Method Based on Dictionary Learning and ADMM for Network Intrusion Detection

With the rapid development of computer networks, network security becomes the focus of attention. Intrusion detection plays an important role in network security. Recently, many typical methods in machine learning have been applied to intrusion detection system, because intrusion detection can be formalized as a binary-classification issue. However, they have a strict requirement for the distribution of dataset, which need a small and balanced dataset with less noise. Few new initiatives have been proposed to handle large and imbalanced datasets. Therefore, based on dictionary learning, we proposed a novel approach called ADM-DL. With the help of alternating direction multipliers method (ADMM) algorithm, the training time of our dictionary gets shorter and the accuracy of the dictionary becomes higher. Moreover, sparse representation and the minimum principle of reconstruction error are adopted to attain a more efficient binary-classification model. ADM-DL not only reduces the complexity of processing intractable datasets, but also obtains a low-complex and high-efficient classification model. The popular KDD-CUP-1999 datasets are adopted to evaluate the performance of our proposal. The experiment results show that ADM-DL can reduce the dimension of network security data, enhance the detection rate and decrease the false alarm rate of intrusion detection.

Xinghao Chen | Xiu Yin | Yingzhou Zhang

[1] Ali A. Ghorbani,et al. A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[2] Rung Ching Chen,et al. An Intrusion Detection Based on Support Vector Machines with a Voting Weight Schema , 2007, IEA/AIE.

[3] Allen Y. Yang,et al. Robust Face Recognition via Sparse Representation , 2009, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[4] Baoxin Li,et al. Discriminative K-SVD for dictionary learning in face recognition , 2010, 2010 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.

[5] Zhu Shun-zhi. Network Intrusion Detection Model Based on Simplified SVM , 2009 .

[6] Stephen P. Boyd,et al. Distributed Optimization and Statistical Learning via the Alternating Direction Method of Multipliers , 2011, Found. Trends Mach. Learn..

[7] Michael Elad,et al. Dictionaries for Sparse Representation Modeling , 2010, Proceedings of the IEEE.

[8] Bingsheng He,et al. On the O(1/n) Convergence Rate of the Douglas-Rachford Alternating Direction Method , 2012, SIAM J. Numer. Anal..

[9] Yinhui Li,et al. An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..

[10] Alain Rakotomamonjy,et al. Applying alternating direction method of multipliers for constrained dictionary learning , 2013, Neurocomputing.