An analysis of supervised tree based classifiers for intrusion detection system

Due to the increase in intrusion incidents over the internet, many network intrusion detection systems have been developed to prevent network attacks. Data mining, pattern recognition and classification methods are used to classify network events as either normal or anomalous. This paper evaluates different tree-based classification algorithms that classify network events in intrusion detection systems. Experiments are conducted on the NSL-KDD 99 dataset, with the dimensionality of the dataset's attributes reduced. The results show that the RandomTree model achieves the highest degree of accuracy and a reduced false alarm rate. The RandomTree model is evaluated against other leading intrusion detection models to establish its better predictive accuracy.
