An efficient local region and clustering-based ensemble system for intrusion detection

Proceedings. International Database Engineering and Applications Symposium Pub Date : 2011-09-21 DOI:10.1145/2076623.2076647

H. Huu, Nouria Harbi, J. Darmont

{"title":"An efficient local region and clustering-based ensemble system for intrusion detection","authors":"H. Huu, Nouria Harbi, J. Darmont","doi":"10.1145/2076623.2076647","DOIUrl":null,"url":null,"abstract":"The dramatic proliferation of sophisticated cyber attacks, in conjunction with the ever growing use of Internet-based services and applications, is nowadays becoming a great concern in any organization. Among many efficient security solutions proposed in the literature to deal with this evolving threat, ensemble approaches, a particular family of data mining, have proven very successful in designing high performance intrusion detection systems (IDSs) resting on the mutual combination of multiple classifiers. However, the strength of ensemble systems depends heavily on the methods to generate and combine individual classifiers. In this thread, we propose a novel design method to generate a robust ensemble-based IDS. In our approach, individual classifiers are built using both the input feature space and additional features exploited from k-means clustering. In addition, the ensemble combination is calculated based on the classification ability of classifiers on different local data regions defined in form of k-means clustering. Experimental results prove that our solution is superior to several well-known methods.","PeriodicalId":93615,"journal":{"name":"Proceedings. International Database Engineering and Applications Symposium","volume":"17 1","pages":"185-191"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"23","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. International Database Engineering and Applications Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2076623.2076647","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 23

Abstract

The dramatic proliferation of sophisticated cyber attacks, in conjunction with the ever growing use of Internet-based services and applications, is nowadays becoming a great concern in any organization. Among many efficient security solutions proposed in the literature to deal with this evolving threat, ensemble approaches, a particular family of data mining, have proven very successful in designing high performance intrusion detection systems (IDSs) resting on the mutual combination of multiple classifiers. However, the strength of ensemble systems depends heavily on the methods to generate and combine individual classifiers. In this thread, we propose a novel design method to generate a robust ensemble-based IDS. In our approach, individual classifiers are built using both the input feature space and additional features exploited from k-means clustering. In addition, the ensemble combination is calculated based on the classification ability of classifiers on different local data regions defined in form of k-means clustering. Experimental results prove that our solution is superior to several well-known methods.

查看原文本刊更多论文

基于局部区域和聚类的入侵检测集成系统

复杂的网络攻击的急剧扩散，以及基于internet的服务和应用程序的日益增长的使用，如今已成为任何组织都非常关注的问题。在文献中提出的许多有效的安全解决方案中，集成方法是一种特殊的数据挖掘方法，在设计基于多个分类器相互组合的高性能入侵检测系统(ids)方面已经证明是非常成功的。然而，集成系统的强度很大程度上取决于生成和组合单个分类器的方法。在这个主题中，我们提出了一种新的设计方法来生成基于集成的鲁棒IDS。在我们的方法中，使用输入特征空间和从k-means聚类中利用的附加特征来构建单个分类器。此外，基于分类器对以k-means聚类形式定义的不同局部数据区域的分类能力，计算集成组合。实验结果表明，该方法优于几种已知的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings. International Database Engineering and Applications Symposium

自引率

0.00%

发文量