Title :
An incremental semi rule-based learning model for cybersecurity in cyberinfrastructures
Author :
Kianmehr, Keivan
Author_Institution :
Dept. of Electr. & Comput. Eng., Western Univ., London, ON, Canada
Abstract :
Classification algorithms are popular data mining methods that are widely used in intrusion detection systems. However, they tend to show good performance on off-line data and their accuracy drops when they are deployed to realtime intrusion detection systems that receive data streams constantly. In other words, the problem with a conventional classifier model, when applied to realtime detection systems, is that it is likely to perform poorly against new data that is different from the patterns against which the model was trained. This work presents an adaptive classification framework for a realtime intrusion detection system that changes its behavior according to the patterns that occur in the newly received data. The performance of the system is constantly monitored and whenever it drops under a certain level of accuracy, the classifier model is retrained to learn new patterns and eliminate the obsolete ones from its knowledge. Further, the framework uses a semi rule-based approach to classification in order to make the model more understandable for human experts and facilitate the user interference in the learning process.
Keywords :
data mining; learning (artificial intelligence); pattern classification; security of data; user interfaces; adaptive classification framework; classification algorithm; classifier model; cyberinfrastructure; cybersecurity; data mining method; incremental semi rule-based learning model; realtime intrusion detection system; user interference; Accuracy; Association rules; Clustering algorithms; Feature extraction; Support vector machines; Training;
Conference_Title :
Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2012 IEEE International Conference on
Conference_Location :
Bangkok
Print_ISBN :
978-1-4673-1420-6
DOI :
10.1109/CYBER.2012.6392538