Intrusion detection learning algorithm through network mining
This paper presents a learning algorithm for adaptive network intrusion detection based on clustering and naïve Bayesian classifier, which induces a hybridization of unsupervised and supervised learning processes. The proposed approach scales up the balance detection rates for different types of ne...
Saved in:
| Published in | 16th Int'l Conf. Computer and Information Technology pp. 490 - 495 |
|---|---|
| Main Authors | , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.03.2014
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/ICCITechn.2014.6997324 |
Cover
| Abstract | This paper presents a learning algorithm for adaptive network intrusion detection based on clustering and naïve Bayesian classifier, which induces a hybridization of unsupervised and supervised learning processes. The proposed approach scales up the balance detection rates for different types of network intrusions, and keeps the false positives at acceptable level in network intrusion detection. The algorithm first clusters the network logs into several groups based on similarity of network logs, and then calculates the prior and class conditional probabilities for each cluster. In classifying a new network log, the algorithm calculates the similarity of attribute values of network data with each cluster and initialize a weight value for each cluster. Then each cluster classifies the network data with its priori and conditional probabilities that multiply with respective cluster's weight value. Finally, voting techniques applied for classifying the new network data based on each cluster's classification result. The performance of the proposed algorithm tested by employing KDD99 benchmark network intrusion detection dataset, and the experimental results proved that it improves the detection rates as well as reduces the false positives for different types of network intrusions. |
|---|---|
| AbstractList | This paper presents a learning algorithm for adaptive network intrusion detection based on clustering and naïve Bayesian classifier, which induces a hybridization of unsupervised and supervised learning processes. The proposed approach scales up the balance detection rates for different types of network intrusions, and keeps the false positives at acceptable level in network intrusion detection. The algorithm first clusters the network logs into several groups based on similarity of network logs, and then calculates the prior and class conditional probabilities for each cluster. In classifying a new network log, the algorithm calculates the similarity of attribute values of network data with each cluster and initialize a weight value for each cluster. Then each cluster classifies the network data with its priori and conditional probabilities that multiply with respective cluster's weight value. Finally, voting techniques applied for classifying the new network data based on each cluster's classification result. The performance of the proposed algorithm tested by employing KDD99 benchmark network intrusion detection dataset, and the experimental results proved that it improves the detection rates as well as reduces the false positives for different types of network intrusions. |
| Author | Uddin, Mohammad Shorif Abu Afza, A. J. M. |
| Author_xml | – sequence: 1 givenname: A. J. M. surname: Abu Afza fullname: Abu Afza, A. J. M. email: afza22bd@gmail.com organization: Department of Computer Science and Engineering Jahangirnagar University, Dhaka, Bangladesh – sequence: 2 givenname: Mohammad Shorif surname: Uddin fullname: Uddin, Mohammad Shorif email: shorifuddin@gmail.com organization: Department of Computer Science and Engineering Jahangirnagar University, Dhaka, Bangladesh |
| BookMark | eNotj1FLwzAUhSPog879AmH0D7Tm5rZJ7oMPUtQVBr70fWRt0oa1qWQZ4r_X4Z7O4ePwwXlgt2EJlrEN8AKA03NT101ruzEUgkNZSCKForxha1IaSkWE5R-5Zy9NSPF88kvIeptsly5tsiYGH4bMTMMSfRrnLI1xOQ9jFmz6XuIxm_1l8MjunJlOdn3NFWvf39p6m-8-P5r6dZd74imXhlBKXnKqDlppZUBwZ3qn0GnUFRA5CVpVotPSHFA4wMqBUB0iCKt6XLGnf6231u6_op9N_NlfP-Ev5IBHFA |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ICCITechn.2014.6997324 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781479934973 1479934976 |
| EndPage | 495 |
| ExternalDocumentID | 6997324 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i90t-6a936604095b8787a120fadf73f8385199f618752c86ab32f135f127c3312e7d3 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jun 29 18:39:08 EDT 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i90t-6a936604095b8787a120fadf73f8385199f618752c86ab32f135f127c3312e7d3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_6997324 |
| PublicationCentury | 2000 |
| PublicationDate | 2014-March |
| PublicationDateYYYYMMDD | 2014-03-01 |
| PublicationDate_xml | – month: 03 year: 2014 text: 2014-March |
| PublicationDecade | 2010 |
| PublicationTitle | 16th Int'l Conf. Computer and Information Technology |
| PublicationTitleAbbrev | ICCITechn |
| PublicationYear | 2014 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.5751173 |
| Snippet | This paper presents a learning algorithm for adaptive network intrusion detection based on clustering and naïve Bayesian classifier, which induces a... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 490 |
| SubjectTerms | Bayes methods boosting Classification algorithms Clustering algorithms Computers Intrusion detection naïve Bayesian classifier Niobium |
| Title | Intrusion detection learning algorithm through network mining |
| URI | https://ieeexplore.ieee.org/document/6997324 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV27TsMwFL1qOzEBahFveWAkqWM7fswVqEUqYihSt8p27FJBU1SlC1-PnYQiEANbZEWyrx86zs059wDcaBxQj3GaZAXGCfOSJQYTk3jtuRS2wJZEgfP0kY-f2cM8n3fgdq-Fcc7V5DOXxsf6X36xsbuYKhtyFWvLsC50wzZrtFqt6DfDajgZjSZ1PjoStljavvzDNaUGjftDmH5113BFXtNdZVL78asS43_HcwSDb3keetoDzzF0XNmHSB_c7mLuCxWuqglWJWo9IZZIvy0321X1skatMQ8qG_43WtcOEQOY3d_NRuOk9UZIVgpXCdeKch4OoMqNDJOhM4K9LrygXtJwiVLK8yx8ihAruTaU-IzmPiPCUpoRJwp6Ar1yU7pTQIQZ7wLKe25zZgQ2XBVOaGmck1pQfgb9GPnival-sWiDPv-7-QIO4uw3LK1L6IXI3VWA7cpc1-v1CeatmnE |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwGP2CeNCTGjD-tgePdnRt161nIgEF4gETbqTdWiTKIGRc_Ottt4nRePDWNE36K81rv773PYA7RRzqccFwmBGCuU041oRqbJUVSZxmJKVe4Dwai_4Lf5xG0wbc77QwxpiSfGYCXyz_8rNVuvWhso6QPrcM34N9h_s8qtRatew3JLIz6HYHZUTaU7Z4UDf_4ZtSwkbvCEZfHVZskbdgW-gg_fiVi_G_IzqG9rdADz3voOcEGiZvgScQbrY--oUyU5QUqxzVrhBzpN7nq82ieF2i2poH5RUDHC1Lj4g2THoPk24f1-4IeCFJgYWSTAh3BGWkE3fqVEiJVZmNmU2Yu0ZJaUXoHiM0TYTSjNqQRTakccpYSE2csVNo5qvcnAGiXFvjcN6KNOI6JlrIzMQq0cYkKmbiHFp-5rN1lf9iVk_64u_qWzjoT0bD2XAwfrqEQ78TFWfrCppuFcy1A_FC35R79wktV52- |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=16th+Int%27l+Conf.+Computer+and+Information+Technology&rft.atitle=Intrusion+detection+learning+algorithm+through+network+mining&rft.au=Abu+Afza%2C+A.+J.+M.&rft.au=Uddin%2C+Mohammad+Shorif&rft.date=2014-03-01&rft.pub=IEEE&rft.spage=490&rft.epage=495&rft_id=info:doi/10.1109%2FICCITechn.2014.6997324&rft.externalDocID=6997324 |