{"title":"Two Layers Multi-class Detection method for network Intrusion Detection System","authors":"Yali Yuan, Liuwei Huo, D. Hogrefe","doi":"10.1109/ISCC.2017.8024620","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDSs) are powerful systems which monitor and analyze events in order to detect signs of security problems and take action to stop intrusions. In this paper, the Two Layers Multi-class Detection (TLMD) method used together with the C5.0 method and the Naive Bayes algorithm is proposed for adaptive network intrusion detection, which improves the detection rate as well as the false alarm rate. The proposed TLMD algorithm also addresses some difficulties in data mining situations such as handling imbalance datasets, dealing with continuous attributes, and reducing noise in training dataset. We compared the performance of the proposed TLMD method with that of existing algorithms, using the detection rate, accuracy as well as false alarm rate on the KDDcup99 benchmark intrusion detection dataset. The experimental results prove that the proposed TLMD method has a reduced false alarm rate and a good detection rate based on the imbalanced dataset.","PeriodicalId":106141,"journal":{"name":"2017 IEEE Symposium on Computers and Communications (ISCC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2017.8024620","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 28
Abstract
Intrusion Detection Systems (IDSs) are powerful systems which monitor and analyze events in order to detect signs of security problems and take action to stop intrusions. In this paper, the Two Layers Multi-class Detection (TLMD) method used together with the C5.0 method and the Naive Bayes algorithm is proposed for adaptive network intrusion detection, which improves the detection rate as well as the false alarm rate. The proposed TLMD algorithm also addresses some difficulties in data mining situations such as handling imbalance datasets, dealing with continuous attributes, and reducing noise in training dataset. We compared the performance of the proposed TLMD method with that of existing algorithms, using the detection rate, accuracy as well as false alarm rate on the KDDcup99 benchmark intrusion detection dataset. The experimental results prove that the proposed TLMD method has a reduced false alarm rate and a good detection rate based on the imbalanced dataset.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
