Network intrusion detection in high dimensional space

We propose and evaluate an approach for network intrusion detection in high dimensional space. This approach is based on an approximate solution to the nearest neighbor problem. Our evaluation is based on the KDD'99 data set, a Yahoo web spam data set and another set used in the NIPS'03 feature selection challenge. The approximate approach shows that good performance in terms of detection rate and false positives rate can be achieved.

[1]  Emin Anarim,et al.  An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks , 2005, Expert Syst. Appl..

[2]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[3]  Charles Elkan,et al.  Results of the KDD'99 classifier learning , 2000, SKDD.

[4]  Dong Seong Kim,et al.  Network-Based Intrusion Detection with Support Vector Machines , 2003, ICOIN.

[5]  Ethem Alpaydin,et al.  Introduction to machine learning , 2004, Adaptive computation and machine learning.

[6]  Nicole Immorlica,et al.  Locality-sensitive hashing scheme based on p-stable distributions , 2004, SCG '04.

[7]  Itzhak Levin,et al.  KDD-99 classifier learning contest LLSoft's results overview , 2000, SKDD.

[8]  Zied Elouedi,et al.  Naive Bayes vs decision trees in intrusion detection systems , 2004, SAC '04.

[9]  Peter Szor,et al.  The Art of Computer Virus Research and Defense , 2005 .

[10]  Bernhard Pfahringer,et al.  Winning the KDD99 classification cup: bagged boosting , 2000, SKDD.

[11]  M. Shyu,et al.  A Novel Anomaly Detection Scheme Based on Principal Component Classifier , 2003 .

[12]  Malcolm I. Heywood,et al.  Training genetic programming on half a million patterns: an example from anomaly detection , 2005, IEEE Transactions on Evolutionary Computation.

[13]  Gürsel Serpen,et al.  Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context , 2003, MLMTA.

[14]  Miheev Vladimir,et al.  The MP13 approach to the KDD'99 classifier learning contest , 2000 .

[15]  Sylvain Gombault,et al.  Eigenconnections to Intrusion Detection , 2004, SEC.