Title :
Errors Estimating of Incompletion and Updating Strategy in IDS
Author_Institution :
Inst. of Inf., Zhongnan Univ. of Econ. & Law, Wuhan
Abstract :
Because there existed the problem of incomplete training sets in current intrusion detection systems, it results in false positive errors. In the paper, an ID model-IAIDM (immune-based adaptive intrusion detection model) is firstly put forward. Based on the characteristics of IAIDM, a analytical method of discrete random process is introduced to estimate the ratio of false positive errors. The analytical results show that incomplete training sets mainly affect the peripheral regions of self space instead of the whole of sample space. According to the analytical results, an incremental algorithm (IA) is proposed to update incomplete training sets dynamically. The experiment results demonstrate IA algorithm can update local self space having changed instead of the whole space incrementally and dynamically so that IAIDM can adjust itself to the current network environment quickly
Keywords :
computer networks; error statistics; estimation theory; learning (artificial intelligence); random processes; security of data; telecommunication security; discrete random process; error estimation; immune-based adaptive intrusion detection system; incomplete training set; incremental algorithm; Algorithm design and analysis; Computer networks; Cybernetics; Detectors; Environmental economics; Error analysis; Fault detection; Immune system; Intrusion detection; Machine learning; Phase detection; Proteins; Random processes; Sun; Intrusion detection system; incompletion; natural immune system;
Conference_Titel :
Machine Learning and Cybernetics, 2006 International Conference on
Conference_Location :
Dalian, China
Print_ISBN :
1-4244-0061-9
DOI :
10.1109/ICMLC.2006.259144
