Improving Multiclass Classification in Intrusion Detection Using Clustered Linear Separator Analytics

This research proposes a new ensemble classification technique called Clustered Linear Separator Analytic (CLSA) for intrusion detection systems. The approach makes use of both a linear separation technique and a cluster-based approach. Genetic Linear Discriminant Analysis (GLDA) is used for feature transformation and optimum subset selection, while CLSA is used for classification. CLSA is a much improved version of SVM and LDA, as it performed both binary and multi-class classification when combined rather than when employed independently. Comparative experiments were performed with SVM (Support Vector Machine), with its variant kernels, and CLSA to evaluate the robustness and classification accuracy of the proposed approach. Detection rate (DR) was used to evaluate the performance of the proposed system. The results indicate that the combination of these approaches produces an efficient IDS compared with state-of-the-art approaches.
