More Web Proxy on the site http://driver.im/

article

A novel intrusion detection system based on hierarchical clustering and support vector machines

Authors:

Shi-Jinn Horng,

Yuan-Hsin Chen,

Tzong-Wann Kao,

Rong-Jian Chen,

Citra Dwi PerkasaAuthors Info & Claims

Expert Systems with Applications: An International Journal, Volume 38, Issue 1

Pages 306 - 313

https://doi.org/10.1016/j.eswa.2010.06.066

Published: 01 January 2011 Publication History

Abstract

This study proposed an SVM-based intrusion detection system, which combines a hierarchical clustering algorithm, a simple feature selection procedure, and the SVM technique. The hierarchical clustering algorithm provided the SVM with fewer, abstracted, and higher-qualified training instances that are derived from the KDD Cup 1999 training set. It was able to greatly shorten the training time, but also improve the performance of resultant SVM. The simple feature selection procedure was applied to eliminate unimportant features from the training set so the obtained SVM model could classify the network traffic data more accurately. The famous KDD Cup 1999 dataset was used to evaluate the proposed system. Compared with other intrusion detection systems that are based on the same dataset, this system showed better performance in the detection of DoS and Probe attacks, and the beset performance in overall accuracy.

References

[1]

}}Evolutionary design of intrusion detection programs. International Journal of Network Security. v4 i3. 328-339.

[2]

}}Bouzida, Y., & Cuppens, F. (2006). Neural networks vs. decision trees for intrusion detection. <http://www.rennes.enst-bretagne.fr/~fcuppens/articles/monam06.pdf>.

[3]

}}Chimphlee, W., Abdullah, A. H., Md Sap, M. N., Srinoy, S., & Chimphlee, S. (2006) Anomaly-based intrusion detection using fuzzy rough clustering. In Proceedings of the international conference on hybrid information technology (ICHIT'06).

Digital Library

[4]

}}Guha, S., Rastogi, R., & Shim, K. (1999). Rock: A robust clustering algorithm for categorical attributes. In Proceedings of the international conference on data engineering (ICDE'99) (pp. 512-521).

Digital Library

[5]

}}Guha, S., Rastogi, R., & Shim, K. (1998). Cure: An efficient clustering algorithm for large databases. In Proceedings of the ACM SIGMOD (SIGMOD'98) (pp. 73-84).

Digital Library

[6]

}}Hsu, C. -W., Chang, C. -C., & Lin, C. -J., (xxxx). A practical guide to support vector classification. <http://www.csie.ntu.edu.tw/~cjlin/papers/guide/guide.pdf>.

[7]

}}Chameleon: A hierarchical clustering algorithm using dynamic modeling. Computer. v32. 68-75.

Digital Library

[8]

}}KDD Cup, (1999). Intrusion detection data set. <http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html>.

[9]

}}A new intrusion detection system using support vector machines and hierarchical clustering. The International Journal on Very Large Data Bases. v16 i4. 507-521.

Digital Library

[10]

}}KDD-99 classifier learning contest LLSoft's results overview. SIGKDD Explorations. v1 i2. 67-75.

Digital Library

[11]

}}Novikov, D., Yampolskiy, R. V., & Reznik, L. (2006). Anomaly detection based intrusion detection. In Proceedings of the third international conference on information technology: New generations (ITNG'06).

Digital Library

[12]

}}Winning the KDD99 classification cup: Bagged boosting. SIGKDD Explorations. v1 i2. 65-66.

Digital Library

[13]

}}Sabhnani, M. R., & Serpen, G. (2003). Application of machine learning algorithms to KDD intrusion detection dataset with in misuse detection context. In Proceedings of the international conference on machine learning: Models, technologies, and applications (pp. 209-215).

[14]

}}A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. Computer Communications. v30. 2201-2212.

Digital Library

[15]

}}The nature of statistical learning theory. Springer-Verlag, New York, NY.

Digital Library

[16]

}}Vigna, G., Robertson, W., Kher, V., & Kemmerer, R. A. (2003). A stateful intrusion detection system for world-wide web servers. In Proceedings of the 19th annual computer security applications conference, December 8-12.

Digital Library

[17]

}}Xuren, W., Famei, H., & Rongsheng, X. (2006). Modeling intrusion detection system by discovering association rule in rough set theory framework. In Proceedings of the international conference on computational intelligence for modelling control and automation, and international conference on intelligent agents. Web Technologies and Internet Commerce (CIMCA-IAWTIC'06).

Digital Library

[18]

}}Yu, H., Yang, J., Han, J., & Li, X., (2003). Classifying large data sets using SVM with hierarchical clusters. In Proceedings of the international conference on knowledge discovery in databases (KDD'03).

Digital Library

[19]

}}An automatically tuning intrusion detection system. IEEE Transactions on Systems, Man and Cybernetics, Part B: Cybernetics. v37 i2. 373-384.

Digital Library

[20]

}}Zhang, T., Ramakrishnan, R., & Livny, M., (1996). BIRCH: An efficient data clustering method for very large databases. In Proceedings of the ACM SIGMOD (SIGMOD'96) (pp. 103-114).

Digital Library

Cited By

Gu XHowells GYuan H(2024)A soft prototype-based autonomous fuzzy inference system for network intrusion detectionInformation Sciences: an International Journal10.1016/j.ins.2024.120964677:COnline publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1016/j.ins.2024.120964
Shao MLin YPeng QZhao JPei ZSun Y(2023)Learning graph deep autoencoder for anomaly detection in multi-attributed networksKnowledge-Based Systems10.1016/j.knosys.2022.110084260:COnline publication date: 25-Jan-2023
https://dl.acm.org/doi/10.1016/j.knosys.2022.110084
Hwang RLee CLin YLin PWu HLai YChen C(2023)Host-based intrusion detection with multi-datasource and deep learningJournal of Information Security and Applications10.1016/j.jisa.2023.10362578:COnline publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103625
Show More Cited By

A novel intrusion detection system based on hierarchical clustering and support vector machines
1. Computing methodologies
  1. Machine learning
    1. Learning paradigms
      1. Supervised learning

Recommendations

Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system

Reduction the 10%KDD training dataset up to 99.8% by using modified K-means.New high quality training datasets are constructed for training SVM and ELM.Multi-level model is proposed to improve the performance of detection accuracy.Improve the detection ...
A new intrusion detection system using support vector machines and hierarchical clustering

Whenever an intrusion occurs, the security and value of a computer system is compromised. Network-based attacks make it difficult for legitimate users to access various network services by purposely occupying or sabotaging network resources and ...
High Efficient Intrusion Detection Methodology with Twin Support Vector Machines
ISISE '08: Proceedings of the 2008 International Symposium on Information Science and Engieering - Volume 01

Intrusion detection has become the important component of the network security. Many intelligent intrusion detection models are proposed, but the performance and efficiency are not satisfied to real computer network system. This paper extends these ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Expert Systems with Applications: An International Journal

Expert Systems with Applications: An International Journal Volume 38, Issue 1

January, 2011

1077 pages

ISSN:0957-4174

Issue’s Table of Contents

Copyright © Elsevier Ltd © 2010.

Publisher

Pergamon Press, Inc.

United States

Publication History

Published: 01 January 2011

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

83
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gu XHowells GYuan H(2024)A soft prototype-based autonomous fuzzy inference system for network intrusion detectionInformation Sciences: an International Journal10.1016/j.ins.2024.120964677:COnline publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1016/j.ins.2024.120964
Shao MLin YPeng QZhao JPei ZSun Y(2023)Learning graph deep autoencoder for anomaly detection in multi-attributed networksKnowledge-Based Systems10.1016/j.knosys.2022.110084260:COnline publication date: 25-Jan-2023
https://dl.acm.org/doi/10.1016/j.knosys.2022.110084
Hwang RLee CLin YLin PWu HLai YChen C(2023)Host-based intrusion detection with multi-datasource and deep learningJournal of Information Security and Applications10.1016/j.jisa.2023.10362578:COnline publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103625
Kalita DSingh VKumar V(2023)A novel adaptive optimization framework for SVM hyper-parameters tuning in non-stationary environmentExpert Systems with Applications: An International Journal10.1016/j.eswa.2022.119189213:PCOnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.eswa.2022.119189
Zhang CWang GWang SZhan DYin M(2023)Cross-domain network attack detection enabled by heterogeneous transfer learningComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.109692227:COnline publication date: 1-May-2023
https://dl.acm.org/doi/10.1016/j.comnet.2023.109692
Liu CZhu TZhang JZhou W(2022)Privacy Intelligence: A Survey on Image Privacy in Online Social NetworksACM Computing Surveys10.1145/354729955:8(1-35)Online publication date: 23-Dec-2022
https://dl.acm.org/doi/10.1145/3547299
Li LChen XSong C(2022)A robust clustering method with noise identification based on directed K-nearest neighbor graphNeurocomputing10.1016/j.neucom.2022.08.029508:C(19-35)Online publication date: 7-Oct-2022
https://dl.acm.org/doi/10.1016/j.neucom.2022.08.029
Xiaolan WManjur Ahmed MNizam Husen MQian ZBelhaouari S(2022)Evolving anomaly detection for network streaming dataInformation Sciences: an International Journal10.1016/j.ins.2022.06.064608:C(757-777)Online publication date: 1-Aug-2022
https://dl.acm.org/doi/10.1016/j.ins.2022.06.064
Gavel SRaghuvanshi ATiwari S(2022)Maximum correlation based mutual information scheme for intrusion detection in the data networksExpert Systems with Applications: An International Journal10.1016/j.eswa.2021.116089189:COnline publication date: 1-Mar-2022
https://dl.acm.org/doi/10.1016/j.eswa.2021.116089
Vashishtha LSingh AChatterjee K(2022)HIDM: A Hybrid Intrusion Detection Model for Cloud Based SystemsWireless Personal Communications: An International Journal10.1007/s11277-022-10063-y128:4(2637-2666)Online publication date: 25-Oct-2022
https://dl.acm.org/doi/10.1007/s11277-022-10063-y
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents