Abstract
Machine learning techniques have been extensively adopted in Network-based Intrusion Detection Systems (NIDS), especially for the task of network traffic classification. A decision tree model, with its kinship terminology, is very suitable for this application. Its straightforward and simple “if-else” rules make the interpretation of network traffic easier. Despite its powerful classification and interpretation capacities, the visibility of its tree rules introduces a new privacy risk to NIDS, because the rules reveal the network posture of the owner. In this paper, we propose a sensitive pruning-based decision tree to tackle the privacy issues in this domain. The proposed pruning algorithm is a modification of the C4.8 decision tree (better known as J48 in the Weka package). The proposed model is tested with the 6 percent GureKDDCup NIDS dataset.
Acknowledgements
This research work was supported by a Fundamental Research Grant Scheme (FRGS) under the Ministry of Education and Multimedia University, Malaysia (Project ID: MMUE/160029), and the Korea Foundation of Advanced Studies (ISEF).
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chew, Y.J., Ooi, S.Y., Wong, KS., Pang, Y.H. (2020). Decision Tree with Sensitive Pruning in Network-based Intrusion Detection System. In: Alfred, R., Lim, Y., Haviluddin, H., On, C. (eds) Computational Science and Technology. Lecture Notes in Electrical Engineering, vol 603. Springer, Singapore. https://doi.org/10.1007/978-981-15-0058-9_1
DOI: https://doi.org/10.1007/978-981-15-0058-9_1
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0057-2
Online ISBN: 978-981-15-0058-9
eBook Packages: Engineering, Engineering (R0)