A Machine Learning Approach for Intrusion Detection using Ensemble Technique - A Survey

Authors

  • Shraddha Khonde, Research Scholar, Department of CSE, Sathyabama Institute of Science and Technology, Chennai, Tamil Nadu, India
  • V. Ulagamuthalvi, Professor, Department of CSE, Sathyabama Institute of Science and Technology, Chennai, Tamil Nadu, India

Keywords:

IDS, Intrusion Detection System, Artificial Intelligence, AI, Majority Voting, Ensemble Learning, Random Forest, SVM, DT, Collaborative IDS and Distributed IDS.

Abstract

An intrusion detection system is a machine or software that monitors the traffic in a network and, on detecting a malicious packet, informs the user or a specific acting unit, which can take further action and prevent the malicious packet from entering the network. In a network intrusion, multiple computing nodes may be attacked by intruders, and evidence of the intrusion has to be gathered from all such attacked nodes. An intruder may move between multiple nodes in the network to conceal the origin of the attack, or misuse some compromised hosts to launch the attack on other nodes. To detect such intrusion activities spread over the whole network, we present a new intrusion detection system (IDS) that classifies data with three different classifiers and an ensemble technique that takes the majority decision of the three classifiers to label each packet in the network as anomalous or normal. In this paper, we discuss different ways to implement an intelligent IDS, which distinguishes normal traffic in a network from abnormal or attack traffic. The paper explains the method used to build such a system and the various classifiers used in the process. The dataset used to train the classifiers can be NSL-KDD, KDD Cup 1999, or KDD99. The IDS proposed here can serve many applications in fields such as military systems, banks and social networking websites, where data is very sensitive. The paper also covers related work done in this field and briefly explains each classifier, the network attacks and the dataset.

Published

2018-02-28

Section

Research Articles

How to Cite

[1] Shraddha Khonde, V. Ulagamuthalvi, "A Machine Learning Approach for Intrusion Detection using Ensemble Technique - A Survey", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN: 2456-3307, Volume 3, Issue 1, pp. 328-338, January-February 2018.