Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (11A): 705-712.doi: 10.11896/jsjkx.201100101

• Interdiscipline & Application • Previous Articles     Next Articles

Design of Intrusion Detection System Based on Sampling Ensemble Algorithm

HUAN Wen-ming, LIN Hai-tao   

  1. College of Electronics Engineering,Naval University of Engineering,Wuhan 430000,China
  • Online:2021-11-10 Published:2021-11-12
  • About author:HUAN Wen-ming,born in 1995,postgraduate.His main research interests include data mining and cyber security.
    LIN Hai-tao,born in 1974,Ph.D,associate professor.His main research inte-rests include information network mana-gement and planning.

PDF (PC)

540

Abstract: As the second line of defense after firewalls,intrusion detection systems have been widely used in the field of network security.Machine learning-based intrusion detection systems have attracted more and more interest due to their superior detection performance.In order to improve the detection performance of the intrusion detection system in multiple types of imbalanced data,this paper proposes an intrusion detection system based on the optimal sampling ensemble algorithm(OSEC).OSEC first converts the multi-category detection problem into multiple binary classification problems according to the “one-to-all” principle,and then selects the optimal sampling ensemble algorithm according to the AUC value in each binary classification problem to alleviate the data imbalance problem.Finally,the category judgment module designed in this article judges the specific category of the sample to be tested.We perform simulation verification on the NSL-KDD data set,and find that compared with the traditional method,the F1 score of this system on R2L and U2R has increased by 0.595 and 0.185 respectively;compared with the latest intrusion detection system,the method in this paper improves the overall detection accuracy by 1.4%.

Key words: AUC, Ensemble learning, Intrusion detection, Multi-class imbalanced, NSL-KDD, Resampling

CLC Number: 

  • TP309
[1]GAMAGE S,SAMARABANDU J.Deep learning methods innetwork intrusion detection:A survey and an objective comparison[J].Journal of Network and Computer Applications,2020,169:102767.
[2]AMBUSAIDI M A,HE X,NANDA P,et al.Building an intrusion detection system using a filter-based feature selection algorithm[J].IEEE Transactions on Computers,2016,65(10):2986-2998.
[3]AL-QATF M,LASHENG Y,AL-HABIB M,et al.Deep learning approach combining sparse autoencoder with SVM for network intrusion detection[J].IEEE Access,2018,6:52843-52856.
[4]ZHOU Y,CHENG G,JIANG S,et al.Building an efficient intrusion detection system based on feature selection and ensemble classifier[J].Computer Networks,2020,174:297-304.
[5]YIJING L,HAIXIANG G,XIAO L,et al.Adapted ensembleclassification algorithm based on multiple classifier system and feature selection for classifying multi-class imbalanced data[J].Knowledge-Based Systems,2016,94:88-104.
[6]FERNÁNDEZ A,GARCÍA S,GALAR M,et al.ImbalancedClassification with Multiple Classes [M].Learning from Imbalanced Data Sets.Cham,Springer International Publishing.2018:197-226.
[7]LI Y X,CHAI Y,HU Y Q,et al.Review of imbalanced dataclassification methods[J].Control and Decision,2019,34(4):673-688.
[8]LIN W C,TSAI C F,HU Y H,et al.Clustering-based undersampling in class-imbalanced data[J].Information Sciences,2017,409/410:17-26.
[9]CHAWLA N V,BOWYER K W,HALL L O,et al.SMOTE:Synthetic Minority Over-sampling Technique[J].Journal of Artificial Intelligence Research,2002,16(1):321-357.
[10]ZHANG X Y,WANG H Z.Intrusion Detection of ICS Based on Improved BorderSMOTE for Unbalance Data[J].Netinfo Security,2020,20(7):70-76.
[11]ZHANG H,HUANG L,WU C Q,et al.An effective convolutional neural network based on SMOTE and Gaussian mixture model for intrusion detection in imbalanced dataset[J].Compu-ter Networks,2020,177:303-315.
[12]WU Y X,WANG J L,YANG L,et al.Survey on cost-sensitive Deep Learning Methods[J].Computer Science,2019,46(5):8-19.
[13]TELIKANI A,GANDOMI A H.Cost-sensitive stacked auto-encoders for intrusion detection in the Internet of Things[J].Internet of Things,2019,14:157-169.
[14]HAIXIANG G,YIJING L,SHANG J,et al.Learning fromclass-imbalanced data:Review of methods and applications[J].Expert Systems with Applications,2016,73(MAY):220-239.
[15]SHAHRAKI A,ABBASI M,HAUGEN Ø.Boosting algorithms for network intrusion detection:A comparative evaluation of Real AdaBoost,Gentle AdaBoost and Modest AdaBoost[J].Engineering Applications of Artificial Intelligence,2020,94:103770.
[16]GALAR M,FERNANDEZ A,BARRENECHEA E,et al.A Review on Ensembles for the Class Imbalance Problem:Bagging-,Boosting-,and Hybrid-Based Approaches[J].IEEE Transactions on Systems,Man,and Cybernetics,Part C (Applications and Reviews),2012,42(4):463-484.
[17]SEIFFERT C,KHOSHGOFTAAR T M,VAN HULSE J,et al.RUSBoost:A hybrid approach to alleviating class imbalance[J].IEEE Transactions on Systems,Man,and Cybernetics Part A:Systems and Humans,2010,40(1):185-197.
[18]CHAWLA N V,LAZAREVIC A,HALL L O,et al.SMOTEBoost:Improving prediction of the minority class in Boosting[C]//The 7th European Conference on Principles and Practice of Knowledge Discovery in Databases.Springer Verlag,2003:107-119.
[19]DIEZ-PASTOR J F,RODRIGUEZ J J,GARCIA-OSORIO C,et al.Random Balance:Ensembles of variable priors classifiers for imbalanced data[J].Knowledge-Based Systems,2015,85:96-111.
[20]FREUND Y,SCHAPIRE R E.A Decision-Theoretic Generalization of On-Line Learning and an Application to Boosting[J].Journal of Computer and System Sciences,1997,55(1):119-139.
[21]KDD Cup 1999 Data[EB/OL].http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
[22]TAVALLAEE M,BAGHERI E,LU W,et al.A detailed analysis of the KDD CUP 99 data set[C]//IEEE Symposium on Computational Intelligence for Security and Defense Applications.2009:1-6.
[23]HONG J H,MIN J K,CHO U K,et al.Fingerprint classification using one-vs-all support vector machines dynamically ordered with naïve Bayes classifiers[J].Pattern Recognition,2008,41(2):662-671.
[24]GAO X,SHAN C,HU C,et al.An Adaptive Ensemble Machine Learning Model for Intrusion Detection[J].IEEE Access,2019,7:82512-82521.
[25]KASONGO S M,SUN Y.A Deep Learning Method with FilterBased Feature Engineering for Wireless Intrusion Detection system[J].IEEE Access,2019:38597-38607.
[1] WANG Xin-tong, WANG Xuan, SUN Zhi-xin. Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network [J]. Computer Science, 2022, 49(8): 314-322.
[2] LIN Xi, CHEN Zi-zhuo, WANG Zhong-qing. Aspect-level Sentiment Classification Based on Imbalanced Data and Ensemble Learning [J]. Computer Science, 2022, 49(6A): 144-149.
[3] KANG Yan, WU Zhi-wei, KOU Yong-qi, ZHANG Lan, XIE Si-yu, LI Hao. Deep Integrated Learning Software Requirement Classification Fusing Bert and Graph Convolution [J]. Computer Science, 2022, 49(6A): 150-158.
[4] ZHOU Zhi-hao, CHEN Lei, WU Xiang, QIU Dong-liang, LIANG Guang-sheng, ZENG Fan-qiao. SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm [J]. Computer Science, 2022, 49(6A): 562-570.
[5] CAO Yang-chen, ZHU Guo-sheng, SUN Wen-he, WU Shan-chao. Study on Key Technologies of Unknown Network Attack Identification [J]. Computer Science, 2022, 49(6A): 581-587.
[6] WEI Hui, CHEN Ze-mao, ZHANG Li-qiang. Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns [J]. Computer Science, 2022, 49(6): 350-355.
[7] WANG Yu-fei, CHEN Wen. Tri-training Algorithm Based on DECORATE Ensemble Learning and Credibility Assessment [J]. Computer Science, 2022, 49(6): 127-133.
[8] HAN Hong-qi, RAN Ya-xin, ZHANG Yun-liang, GUI Jie, GAO Xiong, YI Meng-lin. Study on Cross-media Information Retrieval Based on Common Subspace Classification Learning [J]. Computer Science, 2022, 49(5): 33-42.
[9] DU Hui, LI Zhuo, CHEN Xin. Incentive Mechanism for Hierarchical Federated Learning Based on Online Double Auction [J]. Computer Science, 2022, 49(3): 23-30.
[10] REN Shou-peng, LI Jin, WANG Jing-ru, YUE Kun. Ensemble Regression Decision Trees-based lncRNA-disease Association Prediction [J]. Computer Science, 2022, 49(2): 265-271.
[11] CHEN Wei, LI Hang, LI Wei-hua. Ensemble Learning Method for Nucleosome Localization Prediction [J]. Computer Science, 2022, 49(2): 285-291.
[12] LIU Zhen-yu, SONG Xiao-ying. Multivariate Regression Forest for Categorical Attribute Data [J]. Computer Science, 2022, 49(1): 108-114.
[13] ZHANG Shi-peng, LI Yong-zhong. Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions [J]. Computer Science, 2021, 48(9): 345-351.
[14] ZHOU Xin-min, HU Yi-gui, LIU Wen-jie, SUN Rong-jun. Research on Urban Function Recognition Based on Multi-modal and Multi-level Data Fusion Method [J]. Computer Science, 2021, 48(9): 50-58.
[15] LI Bei-bei, SONG Jia-rui, DU Qing-yun, HE Jun-jiang. DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things [J]. Computer Science, 2021, 48(7): 47-54.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.