Intrusion Detection Using Ensembles

Balon-Perin, Alexandre; Gambäck, Björn; Røstad, Lillian

Home // ICSEA 2012, The Seventh International Conference on Software Engineering Advances // View article

Authors:
Alexandre Balon-Perin
Björn Gambäck
Lillian Røstad

Keywords: intrusion detection; ensemble approaches; bagging

Abstract:
The paper discusses intrusion detection systems built using ensemble approaches, i.e., by combining several machine learning algorithms. The main idea is to exploit the strengths of each algorithm of the ensemble to obtain a robust classifier. Network attacks can be divided into four classes: probe, remote to local, denial of service, and user to root. Each module of the ensemble designed in this work is itself an ensemble using bagging of decision trees and is specialized in the detection of one class of attacks. Experiments highlighted the efficiency of the approach and showed that increased accuracy can be obtained when each class of attacks is treated as a separate problem and handled by specialized algorithms. In all experiments, the ensemble was able to decrease the number of false positives and false negatives.

Pages: 656 to 663

Copyright: Copyright (c) The Government of Norway, 2012. Used by permission to IARIA.

Publication date: November 18, 2012

Published in: conference

ISSN: 2308-4235

ISBN: 978-1-61208-230-1

Location: Lisbon, Portugal

Dates: from November 18, 2012 to November 23, 2012