{"title":"A Hybrid Approach for Real-Time Network Intrusion Detection Systems","authors":"Jia Li, M. Xie","doi":"10.1109/CIS.2007.10","DOIUrl":null,"url":null,"abstract":"This paper proposes a hybrid approach for real- time Network Intrusion Detection Systems (NIDS). We adopt Random Forest (RF) for feature selection and Minimax Probability Machine (MPM) for intrusion detection. RF provides the variable importance by numeric values so that the irrelevant features can be eliminated. However, the NIDS based on RF is slow to build intrusion detection model. We employ MPM, since MPM has been shown a better performance, compared with RF in terms of model building time. To validate the feasibility, we carry out several times of experiments with KDD 1999 intrusion detection dataset. The experimental results show the proposed approach is faster and more lightweight than the previous approaches while guaranteeing high detection rates so that it is suitable for real-time NIDS.","PeriodicalId":127238,"journal":{"name":"2007 International Conference on Computational Intelligence and Security (CIS 2007)","volume":"94 5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Computational Intelligence and Security (CIS 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2007.10","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 24
Abstract
This paper proposes a hybrid approach for real-time Network Intrusion Detection Systems (NIDS). We adopt Random Forest (RF) for feature selection and Minimax Probability Machine (MPM) for intrusion detection. RF expresses variable importance as numeric values, so that irrelevant features can be eliminated. However, an NIDS based on RF is slow to build its intrusion detection model. We employ MPM because it has been shown to perform better than RF in terms of model-building time. To validate feasibility, we carry out several experiments with the KDD 1999 intrusion detection dataset. The experimental results show that the proposed approach is faster and more lightweight than previous approaches while guaranteeing high detection rates, so it is suitable for real-time NIDS.