Towards the Reduction of Data Used for the Classification of Network Flows

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 7209)

Abstract

The ever-growing volume of network traffic results in the need for even more efficient data processing in Intrusion Detection Systems. In particular, raw network data has to be transformed and largely reduced before it can be processed by data mining models.

The primary objective of this work is to control the dimensionality reduction (DR) of network flow records in view of the accuracy of misuse detection. A real data set, containing flow records with potential spam messages, is used to test the proposed method. The algorithm proposed in this study is applied to investigate the merits of hybrid models composed of dimensionality reduction, neural networks, and decision trees. The benefits of dimensionality reduction and the impact of the process on the overall spam detection rates and false positive rates are investigated. The advantages of the proposed technique over the standard a priori selection of the reduced dimension are discussed.

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Grzenda, M. (2012). Towards the Reduction of Data Used for the Classification of Network Flows. In: Corchado, E., Snášel, V., Abraham, A., Woźniak, M., Graña, M., Cho, SB. (eds) Hybrid Artificial Intelligent Systems. HAIS 2012. Lecture Notes in Computer Science, vol 7209. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28931-6_7

  • DOI: https://doi.org/10.1007/978-3-642-28931-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28930-9

  • Online ISBN: 978-3-642-28931-6

  • eBook Packages: Computer Science, Computer Science (R0)
