CFP last date
20 January 2025
Reseach Article

An Efficient Approach for Dynamic Distributed Network Intrusion Detection using Online Adaboost-based Parameterized Methods

by Anilkumar.v.brahmane, Amruta Amune
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 117 - Number 18
Year of Publication: 2015
Authors: Anilkumar.v.brahmane, Amruta Amune
10.5120/20652-3186

Anilkumar.v.brahmane, Amruta Amune . An Efficient Approach for Dynamic Distributed Network Intrusion Detection using Online Adaboost-based Parameterized Methods. International Journal of Computer Applications. 117, 18 ( May 2015), 7-13. DOI=10.5120/20652-3186

@article{ 10.5120/20652-3186,
author = { Anilkumar.v.brahmane, Amruta Amune },
title = { An Efficient Approach for Dynamic Distributed Network Intrusion Detection using Online Adaboost-based Parameterized Methods },
journal = { International Journal of Computer Applications },
issue_date = { May 2015 },
volume = { 117 },
number = { 18 },
month = { May },
year = { 2015 },
issn = { 0975-8887 },
pages = { 7-13 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume117/number18/20652-3186/ },
doi = { 10.5120/20652-3186 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:59:42.186885+05:30
%A Anilkumar.v.brahmane
%A Amruta Amune
%T An Efficient Approach for Dynamic Distributed Network Intrusion Detection using Online Adaboost-based Parameterized Methods
%J International Journal of Computer Applications
%@ 0975-8887
%V 117
%N 18
%P 7-13
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Modern network intrusion detection systems are short of flexibility to the frequently altering network surroundings. Additionally, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose online Adaboost-based intrusion detection algorithms. In an enhanced algorithm online Adaboost process and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is created in each node using the online Adaboost algorithm. A global detection model is constructed in each node by merging the local parametric models using a small number of samples in the node. This combination is accomplished using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Investigational results show that the enhanced online Adaboost process with GMMs gets a superior detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO, and SVM-based algorithm efficiently merge the local detection models into the global model in each node; the global model in a node can handle the intrusion categories that are found in other nodes, without distribution the samples of these intrusion types.

References
  1. Weiming Hu, Jun Gao, Yanguo Wang, Ou Wu, and Stephen Maybank, " Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection" IEEE TRANSACTIONS ON CYBERNETICS, VOL. 44, NO. 1, JANUARY 2014
  2. D. Denning, "An intrusion detection model," IEEE Trans. Softw. Eng. , vol. SE-13, no. 2, pp. 222–232, Feb. 1987
  3. J. B. D. Caberera, B. Ravichandran, and R. K. Mehra, "Statistical traffic modeling for network intrusion detection," in Proc. Modeling, Anal. Simul. Comput. Telecommun. Syst. , 2000, pp. 466–473.
  4. W. Lee, S. J. Stolfo, and K. Mork, "A data mining framework for building intrusion detection models," in Proc. IEEE Symp. SecurityPrivacy, May 1999, pp. 120–132.
  5. M. E. Otey, A. Ghoting, and S. Parthasarathy, "Fast distributed outlier detection in mixed-attribute data sets," Data Ming Knowl. Discovery,vol. 12, no. 2–3, pp. 203–228, May 2006.
  6. H. G. Kayacik, A. N. Zincir-heywood, and M. T. Heywood, "On the capability of an SOM based intrusion detection system," in Proc. Int. Joint Conf. Neural Netwo. , vol. 3. Jul. 2003, pp. 1808–1813.
  7. P. Z. Hu and M. I. Heywood, "Predicting intrusions with local linear model," in Proc. Int. Joint Conf. Neural Netw. , vol. 3, pp. 1780–1785,Jul. 2003.
  8. Z. Zhang and H. Shen, "Online training of SVMs for real-time intrusion detection," in Proc. Adv. Inform. Netw. Appl. , vol. 2, 2004, pp. 568–573.
  9. H. Lee, Y. Chung, and D. Park, "An adaptive intrusion detection algorithm based on clustering and kernel-method," in Proc. Int. Conf. Adv. Inform. Networking Appl. , 2004, pp. 603–610.
  10. W. Lee and S. J. Stolfo, "A framework for constructing features and models for intrusion detection systems," ACM Trans. Inform. Syst. Security, vol. 3, no. 4, pp. 227–261, Nov. 2000.
  11. A. Fern and R. Givan, "Online ensemble learning: An empirical study," in Proc. Int. Conf. Mach. Learning, 2000, pp. 279–286.
  12. J. Kittler, M. Hatef, R. P. W. Duin, and J. Matas, "On combining classifiers," IEEE Trans. Pattern Anal. Mach. Intell. , vol. 20, no. 3, pp. 226–238, Mar. 1998.
  13. J. Kennedy, "Particle swarm optimization," in Proc. IEEE Int. Conf. Neural Netw. , 1995, pp. 1942–1948.
  14. Y. Shi and R. C. Eberhart, "A modified particle swarm optimizer," in Proc. IEEE Int. Conf. Evolut. Comput. , 1998, pp. 69–73.
  15. S. Stofo et al. The Third International Knowledge Discovery and Data Mining Tools Competition, The University of California, 2002 [Online]. Available: http://kdd. ics. uci. edu/databases/kddCup99/kddCup99. h-tml.
  16. S. Mukkamala, A. H. Sung, and A. Abraham, "Intrusion detection using an ensemble of intelligent paradigms," Netw. Comput. Appl. , vol. 28, no. 2, pp. 167
Index Terms

Computer Science
Information Sciences

Keywords

Local Model Global Model