{"title":"利用朴素贝叶斯和AdaBoost增强网络异常入侵检测","authors":"Wei Li, Qingxia Li","doi":"10.1109/ICINIS.2010.133","DOIUrl":null,"url":null,"abstract":"Classical intrusion detection system tends to identify attacks by using a set of rules known as signatures defined before the attack, this kind of detection is known as misuse intrusion detection. But reality is not always quantifiable, and this drives us to a new intrusion detection technique known as anomaly intrusion detection, due to the difficulties of defining normal pattern for random data frames, anomaly detection suffer from false positives, where normal traffic behavior is mistaken and classified as an attack and cause a great deal of manpower to manual sort the attacks. In this paper we construct a network based anomaly intrusion detection system using naive Bayes as weak learners enhanced with AdaBoost (Adaptive Boosing machine learning algorithm), experiment using KDD ’99 cup data proved that our IDS can achieve extremely low False Positive and has acceptable detection rate.","PeriodicalId":319379,"journal":{"name":"2010 Third International Conference on Intelligent Networks and Intelligent Systems","volume":"4 11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"Using Naive Bayes with AdaBoost to Enhance Network Anomaly Intrusion Detection\",\"authors\":\"Wei Li, Qingxia Li\",\"doi\":\"10.1109/ICINIS.2010.133\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Classical intrusion detection system tends to identify attacks by using a set of rules known as signatures defined before the attack, this kind of detection is known as misuse intrusion detection. But reality is not always quantifiable, and this drives us to a new intrusion detection technique known as anomaly intrusion detection, due to the difficulties of defining normal pattern for random data frames, anomaly detection suffer from false positives, where normal traffic behavior is mistaken and classified as an attack and cause a great deal of manpower to manual sort the attacks. In this paper we construct a network based anomaly intrusion detection system using naive Bayes as weak learners enhanced with AdaBoost (Adaptive Boosing machine learning algorithm), experiment using KDD ’99 cup data proved that our IDS can achieve extremely low False Positive and has acceptable detection rate.\",\"PeriodicalId\":319379,\"journal\":{\"name\":\"2010 Third International Conference on Intelligent Networks and Intelligent Systems\",\"volume\":\"4 11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Third International Conference on Intelligent Networks and Intelligent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICINIS.2010.133\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Third International Conference on Intelligent Networks and Intelligent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICINIS.2010.133","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Using Naive Bayes with AdaBoost to Enhance Network Anomaly Intrusion Detection
Classical intrusion detection system tends to identify attacks by using a set of rules known as signatures defined before the attack, this kind of detection is known as misuse intrusion detection. But reality is not always quantifiable, and this drives us to a new intrusion detection technique known as anomaly intrusion detection, due to the difficulties of defining normal pattern for random data frames, anomaly detection suffer from false positives, where normal traffic behavior is mistaken and classified as an attack and cause a great deal of manpower to manual sort the attacks. In this paper we construct a network based anomaly intrusion detection system using naive Bayes as weak learners enhanced with AdaBoost (Adaptive Boosing machine learning algorithm), experiment using KDD ’99 cup data proved that our IDS can achieve extremely low False Positive and has acceptable detection rate.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
