Network Anomaly Detection System with Optimized DS Evidence Theory

Network anomaly detection has attracted growing attention with the rapid development of computer networks. Some researchers have applied fusion methods and DS evidence theory to network anomaly detection, but with low performance, and they did not account for the complicated and varied nature of networks. To achieve a high detection rate, we present a novel network anomaly detection system with optimized Dempster-Shafer evidence theory (ODS) and a regression basic probability assignment (RBPA) function. In this model, we optimize DS evidence theory by weighting each sensor according to its previous prediction accuracy, and RBPA employs each sensor's regression ability to address complex networks. Across four kinds of experiments, we find that our novel network anomaly detection model has a better detection rate, and that the RBPA and ODS optimization methods improve system performance significantly.
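The idea of weighting sensors before DS fusion can be illustrated with a short added example; it is not the paper's code, and it uses classical Shafer discounting as a stand-in because the abstract does not give the ODS weighting formula. The sensor masses, the weights and all function names are constructed for illustration.

```python
from itertools import product

N, A = frozenset({"normal"}), frozenset({"anomaly"})
THETA = N | A  # frame of discernment; mass on THETA means "undecided"

def discount(m, w):
    """Shafer discounting (assumed stand-in for ODS): keep fraction w, move the rest to THETA."""
    out = {s: w * v for s, v in m.items() if s != THETA}
    out[THETA] = 1.0 - w + w * m.get(THETA, 0.0)
    return out

def combine(m1, m2):
    """Dempster's rule: multiply masses, keep non-empty intersections, renormalise by 1 - K."""
    fused, conflict = {}, 0.0
    for (s1, v1), (s2, v2) in product(m1.items(), m2.items()):
        inter = s1 & s2
        if inter:
            fused[inter] = fused.get(inter, 0.0) + v1 * v2
        else:
            conflict += v1 * v2  # K: mass assigned to contradictory hypotheses
    if conflict >= 1.0 - 1e-12:
        raise ValueError("total conflict: the rule is undefined")
    return {s: v / (1.0 - conflict) for s, v in fused.items()}

def fuse(sensors):
    """sensors: list of (mass function, weight in [0, 1]); returns the fused mass function."""
    result = {THETA: 1.0}  # vacuous belief is the neutral element of Dempster's rule
    for m, w in sensors:
        result = combine(result, discount(m, w))
    return result

def decide(m):
    return "anomaly" if m.get(A, 0.0) > m.get(N, 0.0) else "normal"

# Constructed sample: one historically accurate sensor flags an anomaly,
# two historically inaccurate sensors report normal traffic.
SENSORS = [
    ({A: 0.90, N: 0.05, THETA: 0.05}, 0.95),
    ({N: 0.80, A: 0.10, THETA: 0.10}, 0.40),
    ({N: 0.70, A: 0.20, THETA: 0.10}, 0.40),
]

if __name__ == "__main__":
    print("unweighted:", decide(fuse([(m, 1.0) for m, _ in SENSORS])))
    print("weighted:  ", decide(fuse(SENSORS)))
```

With equal trust the two weak sensors outvote the accurate one; once each mass function is discounted by its weight, the fused belief follows the accurate sensor.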
