Intrusion detection in computer networks by a modular ensemble of one-class classifiers

Information Fusion

Volumn 9, Issue 1, 2008, Pages 69-82

  Giacinto, Giorgio ^a   Perdisci, Roberto ^a   Del Rio, Mauro ^a   Roli, Fabio ^a  

^a UNIVERSITY OF CAGLIARI   (Italy)

Author keywords

Computer networks; Intrusion detection; Modular systems; Multiple classifier systems; One class classifiers

Indexed keywords

DATA STRUCTURES; DECISION THEORY; DEMODULATION; INTRUSION DETECTION; MATHEMATICAL MODELS; OPTIMIZATION;

MODULAR ENSEMBLES; MULTIPLE CLASSIFIER SYSTEMS; NETWORK SERVICES; ONE CLASS CLASSIFIERS;

COMPUTER NETWORKS;

EID: 35348821822     PISSN: 15662535     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.inffus.2006.10.002     Document Type: Article

References (33)

1. Batista G., Prati R.C., and Monard M.C. A study of the behavior of several methods for balancing machine learning training data. ACM SIGKDD Explorations Newsletter 6 1 (2004) 20-29
2. Cohen I., Cozman F.G., Sebe N., Cirelo M.C., and Huang T. Semi-supervised learning of classifiers: theory, algorithms and their applications to human-computer interaction. IEEE Transactions on Pattern Analysis and Machine Intelligence 26 12 (2004) 1553-1567
3. Cordella L.P., Limongiello A., and Sansone C. Network intrusion detection by a multi-stage classification system. In: Roli, Kittler, and Windeatt (Eds). Multiple Classifier Systems. LNCS vol. 3077 (2004), Springer 324-333
4. H. Debar, M. Becker, D. Siboni, A neural network component for an intrusion detection system, in: Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, USA, 1992, pp. 240-250.
5. Denning D.E. An intrusion-detection model. IEEE Transactions on Software Engineering 13 2 (1987) 222-232
6. Duda R.O., Hart P.E., and Stork D.G. Pattern Classification. second ed. (2000), Wiley-Interscience
7. Elkan C. Results of the KDD'99 Classifier Learning. ACM SIGKDD Explorations 1 (2000) 63-64
8. Eskin E., Arnold A., Prerau M., Portnoy L., and Stolfo S. A geometric framework for unsupervised anomaly detection: detecting intrusions in unlabeled data. In: Barbara D., and Jajodia S. (Eds). Applications of Data Mining in Computer Security (2002), Kluwer
9. G. Giacinto, F. Roli, L. Didaci, A modular multiple classifier system for the detection of intrusions in computer networks, in: T. Windeatt, F. Roli (Eds.), 4th International Workshop on Multiple Classifier Systems (MCS 2003), Guildford, United Kingdom, 11-13 June 2003, LNCS, vol. 2709, pp. 346-355.
10. Giacinto G., Roli F., and Didaci L. Fusion of multiple classifiers for intrusion detection in computer networks. Pattern Recognition Letters 24 12 (2003) 1795-1803
11. Jain A.K., and Dubes R.C. Algorithms for Clustering Data (1988), Prentice-Hall
12. H. Javits, A. Valdes. The NIDES statistical component: Description and justification. SRI Annual Report A010, SRI International, Computer Science Laboratory, March 1993.
13. Kittler J., Hatef M., Duin R.P.W., and Matas J. On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence 20 3 (1998) 226-229
14. Kuncheva L.I. Combining Pattern Classifiers: Methods and Algorithms (2004), Wiley
15. Lee W., and Stolfo S. A Framework for Constructing Features and Models for Intrusion Detection Systems. ACM Transactions on Information and System Security 3 4 (2000)
16. W. Lee, D. Xiang, Information-theoretic measures for anomaly detection, IEEE Symposium on Security and Privacy, 2001.
17. K. Leung, C. Leckie, Unsupervised anomaly detection in network intrusion detection using clusters, in: Proceedings of the 28th Australasian Computer Science Conference, ACSC 2005.
18. Lippmann R., Haines J.W., Fried D.J., Korba J., and Das K. The 1999 DARPA off-line intrusion detection evaluation. Computer Networks 34 4 (2000) 579-595
19. M.V. Mahoney, P.K. Chan, An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection, in: 6th International Symposium on Recent Advances in Intrusion Detection, RAID 2003.
20. McHugh J., Christie A., and Allen J. Defending yourself: the role of intrusion detection systems. IEEE Software (2000) 42-51 September/October
21. McHugh J. Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security 3 4 (2000) 262-294
22. L. Portnoy, E. Eskin, S. Stolfo, Intrusion detection with unlabeled data using clustering, in: Proceedings of ACM CSS Workshop on Data Mining Applied to Security, DMSA-2001.
23. Proctor P.E. Practical Intrusion Detection Handbook (2001), Prentice-Hall, Upper Saddle River, NJ
24. Schölkopf B., Platt J., Shawe-Taylor J., Smola A.J., and Williamson R.C. Estimating the support of a high-dimensional distribution. Neural Computation 13 (2001) 1443-1471
25. D.M.J. Tax, R.P.W. Duin, Combining one-class classifiers, in: Proceedings of Multiple Classifier Systems, MCS, 2001.
26. D.M.J. Tax, One-class classification, concept learning in the absence of counter examples, Ph.D. Thesis, 2001, Delft University of Technology, Delft, Netherland.
27. Tax D.M.J., and Duin R.P.W. Support vector data description. Machine Learning 54 1 (2004) 45-66
28. Vapnik V. Statistical Learning Theory (1998), Wiley
29. G. Vigna, W. Robertson, D. Balzarotti, Testing network-based intrusion detection signatures using mutant exploits, in: The Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS), Washington DC, USA, October 2004.
30. H.J. Wang, C. Guo, D.R. Simon, A. Zugenmaier, Shield: vulnerability-driven network filters for preventing known vulnerability exploits, in: Proceedings of the ACM SIGCOMM Conference, 2004.
31. K. Wang, S.J. Stolfo, Anomalous payload-based network intrusion detection, in: Proceedings of the International Symposium on Recent Advances on Intrusion Detection, RAID 2004.
32. Y. Yang, F. Ma, An unsupervised anomaly detection patterns learning algorithm, in: Proceedings of ICCT 2003.
33. S. Zanero, S.M. Savaresi, Unsupervised learning techniques for an intrusion detection system, in: Proceedings of the ACM symposium on Applied computing, 2004.