TY - GEN
T1 - A multi-expert classification framework with transferable voting for Intrusion Detection
AU - Tran, Tich Phuoc
AU - Tsai, Pohsiang
AU - Jan, Tony
PY - 2008
Y1 - 2008
N2 - Network security is a critical component for any sized organization. While static defence technologies such as firewalls and anti-virus provide basic protection for computer networks, an Intrusion Detection System (IDS) can improve overall security by identifying and responding to novel malicious activities. The current existing IDS methods suffer from low accuracy and system robustness. To overcome such limitations, this paper proposes a multi-expert classification framework for detecting different types of network anomalies. Specifically, different types of intrusions will be detected with different strategies, including different attribute selections and learning algorithms. Several voting approaches are also investigated for the purpose of classifier combination. The Knowledge Discovery and Data Mining (KDD-99) dataset is used as a benchmark to compare this method with other existing techniques. Empirical results indicate that the proposed design outperforms other state-of-the-art learning methods in terms of detection capabilities, misclassification cost and processing overheads.
KW - Multi-expert classification
KW - Network Intrusion Detection
KW - Single transferable voting
UR - http://www.scopus.com/inward/record.url?scp=60649094295&partnerID=8YFLogxK
U2 - 10.1109/ICMLA.2008.18
DO - 10.1109/ICMLA.2008.18
M3 - Conference contribution
AN - SCOPUS:60649094295
SN - 9780769534954
T3 - Proceedings - 7th International Conference on Machine Learning and Applications, ICMLA 2008
SP - 877
EP - 882
BT - Proceedings - 7th International Conference on Machine Learning and Applications, ICMLA 2008
T2 - 7th International Conference on Machine Learning and Applications, ICMLA 2008
Y2 - 11 December 2008 through 13 December 2008
ER -