{"title":"基于C5.0和贝叶斯网络结构的入侵检测系统高效建模算法","authors":"Fariba Younes Nia, M. Khalili","doi":"10.1109/KBEI.2015.7436203","DOIUrl":null,"url":null,"abstract":"Although different models have been offered for intrusion detection systems (IDSs) in computer networks, it is difficult to distinct unauthorized connections from authorized ones because intruders act similar to normal users. In this paper we propose an efficient modeling algorithm for applying in IDSs to improve the quality of detections. In the proposed algorithm, the integration of Tree Augmented Naive Bayes (TAN) in Bayesian Network (BN) and Boosting in C5.0 decision tree structures are used to take their advantages and avoid their weaknesses. These structures are adopted once individually. Then the agreements of their combination are considered. In addition, in implementation process, the KDDCUP'99 data set and the other widely-used measures in IDSs problem are used. The experimental results show that the proposed algorithm not only achieves satisfactory results in accuracy and false alarm rate, but also improves the existing works.","PeriodicalId":168295,"journal":{"name":"2015 2nd International Conference on Knowledge-Based Engineering and Innovation (KBEI)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"An efficient modeling algorithm for intrusion detection systems using C5.0 and Bayesian Network structures\",\"authors\":\"Fariba Younes Nia, M. Khalili\",\"doi\":\"10.1109/KBEI.2015.7436203\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Although different models have been offered for intrusion detection systems (IDSs) in computer networks, it is difficult to distinct unauthorized connections from authorized ones because intruders act similar to normal users. In this paper we propose an efficient modeling algorithm for applying in IDSs to improve the quality of detections. In the proposed algorithm, the integration of Tree Augmented Naive Bayes (TAN) in Bayesian Network (BN) and Boosting in C5.0 decision tree structures are used to take their advantages and avoid their weaknesses. These structures are adopted once individually. Then the agreements of their combination are considered. In addition, in implementation process, the KDDCUP'99 data set and the other widely-used measures in IDSs problem are used. The experimental results show that the proposed algorithm not only achieves satisfactory results in accuracy and false alarm rate, but also improves the existing works.\",\"PeriodicalId\":168295,\"journal\":{\"name\":\"2015 2nd International Conference on Knowledge-Based Engineering and Innovation (KBEI)\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 2nd International Conference on Knowledge-Based Engineering and Innovation (KBEI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/KBEI.2015.7436203\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 2nd International Conference on Knowledge-Based Engineering and Innovation (KBEI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/KBEI.2015.7436203","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An efficient modeling algorithm for intrusion detection systems using C5.0 and Bayesian Network structures
Although different models have been offered for intrusion detection systems (IDSs) in computer networks, it is difficult to distinct unauthorized connections from authorized ones because intruders act similar to normal users. In this paper we propose an efficient modeling algorithm for applying in IDSs to improve the quality of detections. In the proposed algorithm, the integration of Tree Augmented Naive Bayes (TAN) in Bayesian Network (BN) and Boosting in C5.0 decision tree structures are used to take their advantages and avoid their weaknesses. These structures are adopted once individually. Then the agreements of their combination are considered. In addition, in implementation process, the KDDCUP'99 data set and the other widely-used measures in IDSs problem are used. The experimental results show that the proposed algorithm not only achieves satisfactory results in accuracy and false alarm rate, but also improves the existing works.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
