Intrusion Detection System based on Hidden Conditional Random Fields

Intrusion detection is an important way to ensure the security of computers and networks. In this paper, a new intrusion detection system (IDS) is proposed based on Hidden Conditional Random Fields (HCRFs). In order to optimize the performance of HCRFs, we bring forward the Two-stage Feature Selection method, which contains Manual Feature Selection method and Backward Feature Elimination Wrapper (BFEW) method. The BFEW is a feature selection method which is introduced based on wrapper approach. Experimental results on KDD99 dataset show that the proposed IDS not only has a great advantage in detection efficiency but also has a higher accuracy when compared with other well-known methods.

[1]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[2]  David D. Lewis,et al.  An evaluation of phrasal and clustered representations on a text categorization task , 1992, SIGIR '92.

[3]  Kotagiri Ramamohanarao,et al.  Conditional Random Fields for Intrusion Detection , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[4]  Jan Vlcek,et al.  Generalizations of the limited-memory BFGS method based on the quasi-product form of update , 2013, J. Comput. Appl. Math..

[5]  Andrew McCallum,et al.  Conditional Random Fields: Probabilistic Models for Segmenting and Labeling Sequence Data , 2001, ICML.

[6]  Zhang Lei,et al.  Intrusion Detection Based on Immune Principles and Fuzzy Association Rules , 2013 .

[7]  Shahram Sarkani,et al.  A network intrusion detection system based on a Hidden Naïve Bayes multiclass classifier , 2012, Expert Syst. Appl..

[8]  Yinhui Li,et al.  An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..

[9]  Kotagiri Ramamohanarao,et al.  Layered Approach Using Conditional Random Fields for Intrusion Detection , 2010, IEEE Transactions on Dependable and Secure Computing.

[10]  Wafa' Alsharafat,et al.  Applying artificial neural network and extended classifier system for network intrusion detection , 2013, Int. Arab J. Inf. Technol..

[11]  Verónica Bolón-Canedo,et al.  Feature selection and classification in multiple class datasets: An application to KDD Cup 99 dataset , 2011, Expert Syst. Appl..

[12]  Ron Kohavi,et al.  Wrappers for Feature Subset Selection , 1997, Artif. Intell..

[13]  Huan Liu,et al.  Toward integrating feature selection algorithms for classification and clustering , 2005, IEEE Transactions on Knowledge and Data Engineering.

[14]  Trevor Darrell,et al.  Conditional Random Fields for Object Recognition , 2004, NIPS.

[15]  Yixian Yang,et al.  A distance sum-based hybrid method for intrusion detection , 2013, Applied Intelligence.

[16]  Beizhan Wang,et al.  Survey on HMM based anomaly intrusion detection using system calls , 2010, 2010 5th International Conference on Computer Science & Education.

[17]  Neelam Sharma,et al.  INTRUSION DETECTION USING NAIVE BAYES CLASSIFIER WITH FEATURE REDUCTION , 2012 .

[18]  Nasser Yazdani,et al.  Mutual information-based feature selection for intrusion detection systems , 2011, J. Netw. Comput. Appl..

[19]  Kotagiri Ramamohanarao,et al.  Network Security Framework , 2006 .