A clustering-based classifier selection method for network intrusion detection

This paper applies pattern recognition approach based on classifier selection to network intrusion detection and proposes a clustering-based classifier selection method. In the method, multiple clusters are selected for a test sample. Then, the average performance of each classifier on selected clusters is calculated and the classifier with the best average performance is chosen to classify the test sample. In the calculation of average performance, weighted average is adopted. Weight values are calculated according to the distances between the test sample and each selected cluster. Experiments were done on the intrusion detection dataset of KDD'99 to compare the method with the Clustering and Selection (CS) method. The experimental results show the presented method is effective.

[1]  Ludmila I. Kuncheva,et al.  Switching between selection and fusion in combining classifiers: an experiment , 2002, IEEE Trans. Syst. Man Cybern. Part B.

[2]  Gian Luca Marcialis,et al.  A study on the performances of dynamic classifier selection based on local accuracy estimation , 2005, Pattern Recognit..

[3]  Liu Ming,et al.  Transformation from Local Accuracy to Classification Confidence , 2008 .

[4]  Ludmila I. Kuncheva,et al.  A Theoretical Study on Six Classifier Fusion Strategies , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[5]  Fabio Roli,et al.  A Modular Multiple Classifier System for the Detection of Intrusions in Computer Networks , 2003, Multiple Classifier Systems.

[6]  Ludmila I. Kuncheva,et al.  Clustering-and-selection model for classifier combination , 2000, KES'2000. Fourth International Conference on Knowledge-Based Intelligent Engineering Systems and Allied Technologies. Proceedings (Cat. No.00TH8516).

[7]  Luís A. Alexandre,et al.  On combining classifiers using sum and product rules , 2001, Pattern Recognit. Lett..

[8]  Robert P.W. Duin,et al.  PRTools3: A Matlab Toolbox for Pattern Recognition , 2000 .

[9]  James C. Bezdek,et al.  Decision templates for multiple classifier fusion: an experimental comparison , 2001, Pattern Recognit..