A Hybrid Intrusion Detection System for Contemporary Network Intrusion Dataset

  • Conference paper
Security with Intelligent Computing and Big-data Services (SICBS 2017)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 733)

Abstract

We propose a hybrid intrusion detection approach to detect network anomalies. The proposed approach uses a feature discretization method and a cluster analysis algorithm to separate the training samples into two groups, a normal group and an anomaly group, and then builds a new classification model to improve the performance of the subgroup classification. We discretize the features of the training samples with a method that considers the interdependence between features and labels. Class information is added to the attributes to enhance the clustering results. For the anomaly group, several representative features are selected to construct a classification model that improves the overall classification performance. Two efficient machine learning algorithms, the Decision Tree algorithm and the Bayesian Network algorithm, are adopted in our experiments. The experimental results show that our method can increase both the normal and anomaly detection rate, precision and accuracy. For the classification of new types of modern attacks, our approach can also improve the overall accuracy.

Corresponding author

Correspondence to Sheng-De Wang.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

Cite this paper

Liao, JM., Liu, JS., Wang, SD. (2018). A Hybrid Intrusion Detection System for Contemporary Network Intrusion Dataset. In: Peng, SL., Wang, SJ., Balas, V., Zhao, M. (eds) Security with Intelligent Computing and Big-data Services. SICBS 2017. Advances in Intelligent Systems and Computing, vol 733. Springer, Cham. https://doi.org/10.1007/978-3-319-76451-1_6

  • DOI: https://doi.org/10.1007/978-3-319-76451-1_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-76450-4

  • Online ISBN: 978-3-319-76451-1

  • eBook Packages: Engineering, Engineering (R0)