相互聚类冗余辅助入侵检测系统特征选择

IF 0.7 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of High Speed Networks Pub Date : 2022-08-16 DOI:10.3233/jhs-220694
T. Veeranna, K. Reddi
{"title":"相互聚类冗余辅助入侵检测系统特征选择","authors":"T. Veeranna, K. Reddi","doi":"10.3233/jhs-220694","DOIUrl":null,"url":null,"abstract":"Intrusion Detection is very important in computer networks because the widespread of internet makes the computers more prone to several cyber-attacks. With this inspiration, a new paradigm called Intrusion Detection System (IDS) has emerged and attained a huge research interest. However, the major challenge in IDS is the presence of redundant and duplicate information that causes a serious computational problem in network traffic classifications. To solve this problem, in this paper, we propose a novel IDS model based on statistical processing techniques and machine learning algorithms. The machine learning algorithms incudes Fuzzy C-means and Support Vector Machine while the statistical processing techniques includes correlation and Joint Entropy. The main purpose of FCM is to cluster the train data and SVM is to classify the traffic connections. Next, the main purpose of correlation is to discover and remove the duplicate connections from every cluster while the Joint entropy is applied for the discovery and removal of duplicate features from every connection. For experimental validation, totally three standard datasets namely KDD Cup 99, NSL-KDD and Kyoto2006+ are considered and the performance is measured through Detection Rate, Precision, F-Score, and accuracy. A five-fold cross validation is done on every dataset by changing the traffic and the obtained average performance is compared with existing methods.","PeriodicalId":54809,"journal":{"name":"Journal of High Speed Networks","volume":"504 1","pages":"257-273"},"PeriodicalIF":0.7000,"publicationDate":"2022-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Mutual clustered redundancy assisted feature selection for an intrusion detection system\",\"authors\":\"T. Veeranna, K. Reddi\",\"doi\":\"10.3233/jhs-220694\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion Detection is very important in computer networks because the widespread of internet makes the computers more prone to several cyber-attacks. With this inspiration, a new paradigm called Intrusion Detection System (IDS) has emerged and attained a huge research interest. However, the major challenge in IDS is the presence of redundant and duplicate information that causes a serious computational problem in network traffic classifications. To solve this problem, in this paper, we propose a novel IDS model based on statistical processing techniques and machine learning algorithms. The machine learning algorithms incudes Fuzzy C-means and Support Vector Machine while the statistical processing techniques includes correlation and Joint Entropy. The main purpose of FCM is to cluster the train data and SVM is to classify the traffic connections. Next, the main purpose of correlation is to discover and remove the duplicate connections from every cluster while the Joint entropy is applied for the discovery and removal of duplicate features from every connection. For experimental validation, totally three standard datasets namely KDD Cup 99, NSL-KDD and Kyoto2006+ are considered and the performance is measured through Detection Rate, Precision, F-Score, and accuracy. A five-fold cross validation is done on every dataset by changing the traffic and the obtained average performance is compared with existing methods.\",\"PeriodicalId\":54809,\"journal\":{\"name\":\"Journal of High Speed Networks\",\"volume\":\"504 1\",\"pages\":\"257-273\"},\"PeriodicalIF\":0.7000,\"publicationDate\":\"2022-08-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of High Speed Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3233/jhs-220694\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of High Speed Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/jhs-220694","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

入侵检测在计算机网络中非常重要,因为互联网的普及使计算机更容易受到各种网络攻击。受此启发,一种新的入侵检测系统(IDS)范式应运而生,并引起了广泛的研究兴趣。然而,IDS的主要挑战是冗余和重复信息的存在,这会在网络流量分类中导致严重的计算问题。为了解决这一问题,本文提出了一种基于统计处理技术和机器学习算法的IDS模型。机器学习算法包括模糊c均值和支持向量机,统计处理技术包括相关性和联合熵。FCM的主要目的是对列车数据进行聚类,而SVM的主要目的是对交通连接进行分类。其次,相关性的主要目的是发现和删除每个集群中的重复连接,而联合熵用于发现和删除每个连接中的重复特征。为了进行实验验证,共考虑了KDD Cup 99、NSL-KDD和Kyoto2006+三个标准数据集,并通过Detection Rate、Precision、F-Score和accuracy来衡量性能。通过改变流量对每个数据集进行五次交叉验证,并将得到的平均性能与现有方法进行比较。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Mutual clustered redundancy assisted feature selection for an intrusion detection system
Intrusion Detection is very important in computer networks because the widespread of internet makes the computers more prone to several cyber-attacks. With this inspiration, a new paradigm called Intrusion Detection System (IDS) has emerged and attained a huge research interest. However, the major challenge in IDS is the presence of redundant and duplicate information that causes a serious computational problem in network traffic classifications. To solve this problem, in this paper, we propose a novel IDS model based on statistical processing techniques and machine learning algorithms. The machine learning algorithms incudes Fuzzy C-means and Support Vector Machine while the statistical processing techniques includes correlation and Joint Entropy. The main purpose of FCM is to cluster the train data and SVM is to classify the traffic connections. Next, the main purpose of correlation is to discover and remove the duplicate connections from every cluster while the Joint entropy is applied for the discovery and removal of duplicate features from every connection. For experimental validation, totally three standard datasets namely KDD Cup 99, NSL-KDD and Kyoto2006+ are considered and the performance is measured through Detection Rate, Precision, F-Score, and accuracy. A five-fold cross validation is done on every dataset by changing the traffic and the obtained average performance is compared with existing methods.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of High Speed Networks
Journal of High Speed Networks Computer Science-Computer Networks and Communications
CiteScore
1.80
自引率
11.10%
发文量
26
期刊介绍: The Journal of High Speed Networks is an international archival journal, active since 1992, providing a publication vehicle for covering a large number of topics of interest in the high performance networking and communication area. Its audience includes researchers, managers as well as network designers and operators. The main goal will be to provide timely dissemination of information and scientific knowledge. The journal will publish contributed papers on novel research, survey and position papers on topics of current interest, technical notes, and short communications to report progress on long-term projects. Submissions to the Journal will be refereed consistently with the review process of leading technical journals, based on originality, significance, quality, and clarity. The journal will publish papers on a number of topics ranging from design to practical experiences with operational high performance/speed networks.
期刊最新文献
Multitier scalable clustering wireless network design approach using honey bee ratel optimization Transmit antenna selection in M-MIMO system using metaheuristic aided model A comparison study of two implemented fuzzy-based models for decision of logical trust Research on fault detection and remote monitoring system of variable speed constant frequency wind turbine based on Internet of things Efficient dynamic IP datacasting mobility management based on LRS in mobile IP networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1