Decision Tree with Sensitive Pruning in Network-based Intrusion Detection System

  • Conference paper

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 603)

Abstract

Machine learning techniques have been extensively adopted in the domain of Network-based Intrusion Detection Systems (NIDS), especially for the task of network traffic classification. A decision tree model, with its kinship terminology, is very suitable for this application. Its straightforward and simple “if-else” rules make the interpretation of network traffic easier. Despite its powerful classification and interpretation capacities, the visibility of its tree rules introduces a new privacy risk to NIDS, because the rules reveal the network posture of the owner. In this paper, we propose a sensitive pruning-based decision tree to tackle the privacy issues in this domain. The proposed pruning algorithm is a modification of the C4.8 decision tree (better known as J48 in the Weka package). The proposed model is tested with the 6 percent GureKDDCup NIDS dataset.

Acknowledgements

This research work was supported by the Fundamental Research Grant Scheme (FRGS) under the Ministry of Education and Multimedia University, Malaysia (Project ID: MMUE/160029), and the Korea Foundation of Advanced Studies (ISEF).

Author information

Corresponding author

Correspondence to Yee Jian Chew.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Chew, Y.J., Ooi, S.Y., Wong, KS., Pang, Y.H. (2020). Decision Tree with Sensitive Pruning in Network-based Intrusion Detection System. In: Alfred, R., Lim, Y., Haviluddin, H., On, C. (eds) Computational Science and Technology. Lecture Notes in Electrical Engineering, vol 603. Springer, Singapore. https://doi.org/10.1007/978-981-15-0058-9_1

  • DOI: https://doi.org/10.1007/978-981-15-0058-9_1

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0057-2

  • Online ISBN: 978-981-15-0058-9

  • eBook Packages: Engineering, Engineering (R0)
