Multi-class imbalanced learning implemented in network intrusion detection

In view of the problems of using traditional machine learning method to detect the network intrusions, a network intrusion detection model based on multi-class imbalanced learning is proposed. Based on the consideration that there is within-class imbalance in large data sets and multi-class data sets, every class of the training data is firstly clustered. Some minimum bounding hyperspheres are formed by Support Vector Date Description (SVDD) according to the clustering results. A test sample is assigned the label of hyperspheres if its distance to the sphere center is smaller than or equal to the radius. The model is testified by experiments on network security data sets.

[1]  Shigeo Abe,et al.  Implementing Multi-class Classifiers by One-class Classification Methods , 2006, The 2006 IEEE International Joint Conference on Neural Network Proceedings.

[2]  Nathalie Japkowicz,et al.  Concept-Learning in the Presence of Between-Class and Within-Class Imbalances , 2001, Canadian Conference on AI.

[3]  Shin Ishii,et al.  Multiclass classification as a decoding problem , 2007, 2007 IEEE Symposium on Foundations of Computational Intelligence.

[4]  Isabelle Guyon,et al.  Comparison of classifier methods: a case study in handwritten digit recognition , 1994, Proceedings of the 12th IAPR International Conference on Pattern Recognition, Vol. 3 - Conference C: Signal Processing (Cat. No.94CH3440-5).

[5]  Chih-Jen Lin,et al.  A comparison of methods for multiclass support vector machines , 2002, IEEE Trans. Neural Networks.

[6]  David G. Stork,et al.  Pattern Classification , 1973 .

[7]  Ulrich H.-G. Kreßel,et al.  Pairwise classification and support vector machines , 1999 .

[8]  Nello Cristianini,et al.  Large Margin DAGs for Multiclass Classification , 1999, NIPS.

[9]  John Platt,et al.  Large Margin DAG's for Multiclass Classification , 1999 .

[10]  Defeng Wang,et al.  Structured One-Class Classification , 2006, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[11]  Chandan Srivastava,et al.  Support Vector Data Description , 2011 .