A Novel Hierarchical Intrusion Detection System based on Decision Tree and Rules-based Models

Cited by: 127
Authors
Ahmim, Ahmed [1]
Maglaras, Leandros [2]
Ferrag, Mohamed Amine [3]
Derdour, Makhlouf [1]
Janicke, Helge [2]
Affiliations
[1] Univ Larbi Tebessi, Dept Math & Comp Sci, Tebessa, Algeria
[2] De Montfort Univ, Sch Comp Sci & Informat, Leicester, Leics, England
[3] Guelma Univ, Dept Comp Sci, BP 401, Guelma 24000, Algeria
Source
2019 15TH INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING IN SENSOR SYSTEMS (DCOSS) | 2019
Keywords
DETECTION FRAMEWORK;
DOI
10.1109/DCOSS.2019.00059
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Subject classification code
0812;
Abstract
This paper proposes a novel intrusion detection system (IDS) that combines different classifier approaches based on decision tree and rules-based concepts, namely REP Tree, the JRip algorithm and Forest PA. Specifically, the first and second methods take features of the data set as inputs and classify the network traffic as Attack/Benign. The third classifier takes as inputs the features of the initial data set in addition to the outputs of the first and second classifiers. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset attest to its superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state-of-the-art existing schemes.
Pages: 228 / 233
Number of pages: 6
Related papers
25 in total
[11]   A hybrid network intrusion detection system using simplified swarm optimization (SSO) [J].
Chung, Yuk Ying ;
Wahid, Noorhaniza .
APPLIED SOFT COMPUTING, 2012, 12 (09) :3014-3022
[12]  
Cohen W. W., 1995, Machine Learning. Proceedings of the Twelfth International Conference on Machine Learning, P115
[13]   A Cybersecurity Detection Framework for Supervisory Control and Data Acquisition Systems [J].
Cruz, Tiago ;
Rosa, Luis ;
Proenca, Jorge ;
Maglaras, Leandros ;
Aubigny, Matthieu ;
Lev, Leonid ;
Jiang, Jianmin ;
Simoes, Paulo .
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2016, 12 (06) :2236-2246
[14]   An experimental evaluation of weightless neural networks for multi-class classification [J].
De Gregorio, Massimo ;
Giordano, Maurizio .
APPLIED SOFT COMPUTING, 2018, 72 :338-354
[15]   A hybrid network intrusion detection framework based on random forests and weighted k-means [J].
Elbasiony, Reda M. ;
Sallam, Elsayed A. ;
Eltobely, Tarek E. ;
Fahmy, Mahmoud M. .
AIN SHAMS ENGINEERING JOURNAL, 2013, 4 (04) :753-762
[16]  
Gharib A., 2016, P 2016 INT C INF SCI, P1, DOI 10.1109/ICISSEC.2016.7885840
[17]   Intrusion detection using neural based hybrid classification methods [J].
Govindarajan, M. ;
Chandrasekaran, R. M. .
COMPUTER NETWORKS, 2011, 55 (08) :1662-1671
[18]   A survey of intrusion detection on industrial control systems [J].
Hu, Yan ;
Yang, An ;
Li, Hong ;
Sun, Yuyan ;
Sun, Limin .
INTERNATIONAL JOURNAL OF DISTRIBUTED SENSOR NETWORKS, 2018, 14 (08)
[19]   Coverage-based resampling: Building robust consolidated decision trees [J].
Ibarguren, Igor ;
Perez, Jesus M. ;
Muguerza, Javier ;
Gurrutxaga, Ibai ;
Arbelaitz, Olatz .
KNOWLEDGE-BASED SYSTEMS, 2015, 79 :51-67
[20]   An effective combining classifier approach using tree algorithms for network intrusion detection [J].
Kevric, Jasmin ;
Jukic, Samed ;
Subasi, Abdulhamit .
NEURAL COMPUTING & APPLICATIONS, 2017, 28 :S1051-S1058