Title :
Adaptive Intrusion Detection System via online machine learning
Author :
Hai Thanh Nguyen ; Franke, Katrin
Author_Institution :
Dept. of Comput. Sci. & Media Technol., Gjovik Univ. Coll., Gjovik, Norway
Abstract :
Adaptation of Intrusion Detection Systems (IDSs) in the heterogeneous and adversarial network environments is crucial. We design an adaptive IDS that has 10% higher accuracy than the best of four different baseline IDSs. Rather than creating a new `super´ IDS, we combine the outputs of the IDSs by using the online learning framework proposed by Bousquet and Warmuth [1]. The combination framework allows to dynamically determine the best IDSs performed in different segments of a dataset. Moreover, to increase the accuracy and reliability of the intrusion detection results, the fusion between outputs of the four IDSs is taken into account by a new expanded framework. We conduct the experiments on two different datasets for benchmarking Web Application Firewalls: the ECML-PKDD 2007 HTTP dataset and the CISIC HTTP 2010. Experimental results show the high adaptability of the proposed IDS.
Keywords :
learning (artificial intelligence); security of data; CISIC HTTP 2010; ECML-PKDD 2007 HTTP dataset; IDS; Web application firewalls; adaptive intrusion detection system; expanded framework; online learning framework; online machine learning; Accuracy; TV; Web attack detection; adaptability; adversarial learning; intrusion detection; online machine learning;
Conference_Titel :
Hybrid Intelligent Systems (HIS), 2012 12th International Conference on
Conference_Location :
Pune
Print_ISBN :
978-1-4673-5114-0
DOI :
10.1109/HIS.2012.6421346
