A Multi-expert Classification Framework with Transferable Voting for Intrusion Detection

Network security is a critical component for any sized organization. While static defence technologies such as firewalls and anti-virus provide basic protection for computer networks, an intrusion detection system (IDS) can improve overall security by identifying and responding to novel malicious activities. The current existing IDS methods suffer from low accuracy and system robustness. To overcome such limitations, this paper proposes a multi-expert classification framework for detecting different types of network anomalies. Specifically, different types of intrusions will be detected with different strategies, including different attribute selections and learning algorithms. Several voting approaches are also investigated for the purpose of classifier combination. The Knowledge Discovery and Data Mining (KDD-99) dataset is used as a benchmark to compare this method with other existing techniques. Empirical results indicate that the proposed design outperforms other state-of-the-art learning methods in terms of detection cap abilities, misclassification cost and processing overheads.