Abstract
Intrusion Detection System (IDS) can be called efficient when maximum intrusion attacks are detected with minimum false alarm rate but due to imbalanced data, these two metrics are not comparable on the same scale. In this paper, a new NPR metric is suggested in view of the imbalanced data set to rank the classification algorithms for IDS which can help analyze and identify the best possible combination of high detection rate and low false alarm rate with maximum accuracy and F-score. The new NPR metric is used for comparison and ordering of ten classifiers simulated on KDD data set.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Tsai, C.-F. et al.: Intrusion detection by machine learning: a review. Exp. Syst. Appl. 36(10), 11994–12000 (2009)
Gupta, S., Kumar, P., Abraham, A.: A profile based network intrusion detection and prevention system for securing cloud environment. Int. J. Distrib. Sens. Netw. (2013)
DARPA Intrusion Detection Evaluation, MIT Lincoln Labs. http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/index.html
KDD Cup 1999. http://kdd.ics.uci.edu/databases/kddcup99/
NSL-KDD Data Set for Network-Based Intrusion Detection Systems. http://nsl.cs.unb.ca/NSL-KDD/
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: The Proceedings of IEEE Symposium on Computational Intelligence in Security and Defense Applications, pp. 1–6 (2009)
McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 Darpa intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)
Qiang, Y., Wu, X.: 10 challenging problems in data mining research. Int. J. Inf. Technol. Decis. Making 5(04), 597–604 (2006)
Chawla N.V.: Data mining for imbalanced datasets: an overview. Data Mining and Knowledge Discovery Handbook, pp. 875–886. Springer US (2010)
Kotsiantis, S., Kanellopoulos, D., Pintelas, P.: Handling imbalanced datasets: a review. GESTS Int. Trans. Comput. Sci. Eng. 30(1), 25–36 (2006)
Hulse, V., Jason, Khoshgoftaar, T.M., Napolitano, A.: Experimental perspectives on learning from imbalanced data. In: Proceedings of the 24th International Conference on Machine learning. ACM, New York (2007)
Fernandez-Delgado, M., Cernadas, E.: Do we need hundreds of classifiers to solve real world classification problems? J. Mach. Learn. Res. 15, 3133–3181 (2014)
González, S., et al.: Testing ensembles for intrusion detection: on the identification of mutated network scans. Computational intelligence in security for information systems, pp. 109–117. Springer, Berlin (2011)
Alhomouda, A., Munira, R., Dissoa, J.P., Awana, I., Al-Dhelaanb, A.: Performance evaluation study of intrusion detection systems. Proc. Comput. Sci. 5, 173–180 (2011)
Sokolova, M., Lapalme, G.: A systematic analysis of performance measures for classification tasks. Inf. Process. Manag. 45(4), 427–437 (2009)
Ferri, C., Hernández-Orallo, J., Modroiu, R.: An experimental comparison of performance measures for classification. Pattern Recogn. Lett. 30(1), 27–38 (2009)
Cardenas, A.A., Baras, J.S., Seamon, K.: A framework for the evaluation of intrusion detection systems. IEEE Symp. Secur. Priv. 15–77 (2006)
Nagarajan, A., Quyen N., Banks, R., Sood, A.: Combining intrusion detection and recovery for enhancing system dependability. In: IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W) (2011)
Pietraszek, T., Tanner, A.: Information security technical report. 10(3), 169–183 (2005) (Elsevier)
Giacinto, G., Perdisci, R., Del Rio, M., Roli, F.: Intrusion detection in computer networks by a modular ensemble of one-class classifiers. Special Issue on Applications of Ensemble Methods, Information Fusion, Vol. 9, no 1, pp. 69–82 (2008)
Chandola, V., Banerjee, A. and Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 15 (2009)
Han, J., Kamber, M.: Data mining: concepts and techniques, 3rd edn. Morgan Kaufmann, San Francisco (2012)
Witten, I.H., Frank, E., Hall, M.A.: Data mining- practical machine learning tools and techniques. Morgan Kaufmann, San Francisco (2011)
Waikato Environment for Knowledge Analysis (weka) version 3.7.11. http://www.cs.waikato.ac.nz/ml/weka/
Acknowledgments
The authors gratefully acknowledge the contribution of the anonymous reviewers’ comments in improving the clarity of this work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Aggarwal, P., Sharma, S.K. (2015). A New Metric for Proficient Performance Evaluation of Intrusion Detection System. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds) International Joint Conference. CISIS 2015. Advances in Intelligent Systems and Computing, vol 369. Springer, Cham. https://doi.org/10.1007/978-3-319-19713-5_28
Download citation
DOI: https://doi.org/10.1007/978-3-319-19713-5_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19712-8
Online ISBN: 978-3-319-19713-5
eBook Packages: EngineeringEngineering (R0)