[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3018896.3065830acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiccConference Proceedingsconference-collections
research-article

Comparison of ensemble learning methods applied to network intrusion detection

Published: 22 March 2017 Publication History

Abstract

This paper investigates the possibility of using ensemble learning methods to improve the performance of intrusion detection systems. We compare an ensemble of three ensemble learning methods, boosting, bagging and stacking in order to improve the detection rate and to reduce the false alarm rate. These ensemble methods use well-known and different base classification algorithms, J48 (decision tree), NB (Naïve Bayes), MLP (Neural Network) and REPTree. The comparison experiments are applied on UNSW-NB15 data set a recent public data set for network intrusion detection systems. Results show that using boosting, bagging can achieve higher accuracy than single classifier but stacking performs better than other ensemble learning methods.

References

[1]
L. Breiman. Bagging predictors. Machine learning, 24(2):123--140, 1996.
[2]
L. P. Cordella and C. Sansone. A multi-stage classification system for detecting intrusions in computer networks. Pattern analysis and applications, 10(2):83--100, 2007.
[3]
O. Depren, M. Topallar, E. Anarim, and M. K. Ciliz. An intelligent intrusion detection system (ids) for anomaly and misuse detection in computer networks. Expert systems with Applications, 29(4):713--722, 2005.
[4]
I. Detection. Intrusion detection: a brief history and overview. 2002.
[5]
Y. Freund, R. E. Schapire, et al. Experiments with a new boosting algorithm. In icml, volume 96, pages 148--156, 1996.
[6]
D. Gaikwad and R. C. Thool. Intrusion detection system using bagging ensemble method of machine learning. In Computing Communication Control and Automation (ICCUBEA), 2015 International Conference on, pages 291--295. IEEE, 2015.
[7]
G. Giacinto, R. Perdisci, M. Del Rio, and F. Roli. Intrusion detection in computer networks by a modular ensemble of one-class classifiers. Information Fusion, 9(l):69--82, 2008.
[8]
M. Govindarajan and R. Chandrasekaran. Intrusion detection using neural based hybrid classification methods. Computer networks, 55(8):1662--1671, 2011.
[9]
L. K. Hansen and P. Salamon. Neural network ensembles. IEEE transactions on pattern analysis and machine intelligence, 12:993--1001, 1990.
[10]
J. Kevric, S. Jukic, and A. Subasi. An effective combining classifier approach using tree algorithms for network intrusion detection. Neural Computing and Applications, pages 1--8, 2016.
[11]
P. A. R. Kumar and S. Selvakumar. Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Computer Communications, 36(3):303--319, 2013.
[12]
N. Moustafa and J. Slay. Unsw-nb15: a comprehensive data set for network intrusion detection systems (unsw-nb15 network data set). In Military Communications and Information Systems Conference (MilCIS), 2015, pages 1--6. IEEE, 2015.
[13]
S. Mukkamala, A. H. Sung, and A. Abraham. Intrusion detection using an ensemble of intelligent paradigms. Journal of network and computer applications, 28(2):167--182, 2005.
[14]
R. Polikar. Ensemble based systems in decision making. IEEE Circuits and systems magazine, 6(3):21--45, 2006.
[15]
R. E. Schapire. The strength of weak learnability. Machine learning, 5(2):197--227, 1990.
[16]
P. Srinivasu and P. Avadhani. Genetic algorithm based weight extraction algorithm for artificial neural network classifier in intrusion detection. Procedia Engineering, 38:144--153, 2012.
[17]
A. Tajbakhsh, M. Rahmati, and A. Mirzaei. Intrusion detection using fuzzy association rules. Applied Soft Computing, 9(2):462--469, 2009.
[18]
G. Wang, J. Hao, J. Ma, and L. Huang. A new approach to intrusion detection using artificial neural networks and fuzzy clustering. Expert Systems with Applications, 37(9):6225--6232, 2010.
[19]
D. H. Wolpert. Stacked generalization. Neural networks, 5(2):241--259, 1992.

Cited By

View all
  • (2024)Enhancing intrusion detection: a hybrid machine and deep learning approachJournal of Cloud Computing10.1186/s13677-024-00685-x13:1Online publication date: 17-Jul-2024
  • (2024)Ensemble Diversity Pruning on Cybersecurity: Optimizing Intrusion Detection Systems2024 31st International Conference on Systems, Signals and Image Processing (IWSSIP)10.1109/IWSSIP62407.2024.10634027(1-6)Online publication date: 9-Jul-2024
  • (2023)Scalable Inline Network-Intrusion Detection System with Minimized Memory RequirementElectronics10.3390/electronics1209206112:9(2061)Online publication date: 29-Apr-2023
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICC '17: Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing
March 2017
1349 pages
ISBN:9781450347747
DOI:10.1145/3018896
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 March 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. bagging
  2. boosting
  3. ensemble classifiers
  4. intrusion detection
  5. stacking

Qualifiers

  • Research-article

Conference

ICC '17

Acceptance Rates

ICC '17 Paper Acceptance Rate 213 of 590 submissions, 36%;
Overall Acceptance Rate 213 of 590 submissions, 36%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)20
  • Downloads (Last 6 weeks)2
Reflects downloads up to 01 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Enhancing intrusion detection: a hybrid machine and deep learning approachJournal of Cloud Computing10.1186/s13677-024-00685-x13:1Online publication date: 17-Jul-2024
  • (2024)Ensemble Diversity Pruning on Cybersecurity: Optimizing Intrusion Detection Systems2024 31st International Conference on Systems, Signals and Image Processing (IWSSIP)10.1109/IWSSIP62407.2024.10634027(1-6)Online publication date: 9-Jul-2024
  • (2023)Scalable Inline Network-Intrusion Detection System with Minimized Memory RequirementElectronics10.3390/electronics1209206112:9(2061)Online publication date: 29-Apr-2023
  • (2023)A Comprehensive Survey on Ensemble Learning-Based Intrusion Detection Approaches in Computer NetworksIEEE Access10.1109/ACCESS.2023.332853511(122638-122676)Online publication date: 2023
  • (2023)An empirical assessment of ensemble methods and traditional machine learning techniques for web-based attack detection in industry 5.0Journal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.02.00935:3(103-119)Online publication date: Mar-2023
  • (2023)A Comparison of Ensemble Learning for Intrusion Detection in Telemetry DataAdvances on Intelligent Computing and Data Science10.1007/978-3-031-36258-3_40(451-462)Online publication date: 17-Aug-2023
  • (2022)Ensemble learning-based IDS for sensors telemetry data in IoT networksMathematical Biosciences and Engineering10.3934/mbe.202249319:10(10550-10580)Online publication date: 2022
  • (2022)An Ensemble Pruning Approach to Optimize Intrusion Detection Systems Performance2022 IEEE International Conference on Systems, Man, and Cybernetics (SMC)10.1109/SMC53654.2022.9945239(1173-1179)Online publication date: 9-Oct-2022
  • (2022)Early Detection of Network Intrusions Using a GAN-Based One-Class ClassifierIEEE Access10.1109/ACCESS.2022.322140010(119357-119367)Online publication date: 2022
  • (2022)Real-time network intrusion detection using deferred decision and hybrid classifierFuture Generation Computer Systems10.1016/j.future.2022.02.011132:C(51-66)Online publication date: 1-Jul-2022
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media