Ensemble methods in intrusion detection
As services are being deployed on the internet, there is the need to secure the infrastructure from malicious attacks. Intrusion detection serves as a second line of defense apart from firewall and cryptography. There are many techniques employed in intrusion detection which include signature detect...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/53615/25/KekereTemitopeJosiahMFC2015.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.53615 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.536152020-07-22T04:02:02Z Ensemble methods in intrusion detection 2015-01 Josiah, Kekere Temitope QA75 Electronic computers. Computer science As services are being deployed on the internet, there is the need to secure the infrastructure from malicious attacks. Intrusion detection serves as a second line of defense apart from firewall and cryptography. There are many techniques employed in intrusion detection which include signature detection, anomaly and specification based detection system. These techniques often trade off accuracy with false positive rate. In this study, anomaly detection using ensembles is used to automatically classify and detect attack patterns. It has been proven that ensembles of classifier outperform their base classifiers. Several multiples of classifiers have been combined to improve the performance of intrusion detection system. Commonly used classifiers include Support Vector Machines, Decision Trees, Genetic Algorithms, Fuzzy, Principal Component Analysis. The study employed KStar clustering and Instance Based classification algorithms to detect intrusions in NSL-KDD dataset. The results show that the ensemble we designed has a 1-error rate of 99.67% and false positive 0.33%. The response time of the anomaly is 0.18seconds. The chosen ensemble outperformed the rest of the ensembles (rPART & SMO and J48) and the base classifiers. The performance of the combiners has showed that the study has built a model with high detection, and reduced error. 2015-01 Thesis http://eprints.utm.my/id/eprint/53615/ http://eprints.utm.my/id/eprint/53615/25/KekereTemitopeJosiahMFC2015.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:84295 masters Universiti Teknologi Malaysia, Faculty of Computing Faculty of Computing |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
QA75 Electronic computers Computer science |
| spellingShingle |
QA75 Electronic computers Computer science Josiah, Kekere Temitope Ensemble methods in intrusion detection |
| description |
As services are being deployed on the internet, there is the need to secure the infrastructure from malicious attacks. Intrusion detection serves as a second line of defense apart from firewall and cryptography. There are many techniques employed in intrusion detection which include signature detection, anomaly and specification based detection system. These techniques often trade off accuracy with false positive rate. In this study, anomaly detection using ensembles is used to automatically classify and detect attack patterns. It has been proven that ensembles of classifier outperform their base classifiers. Several multiples of classifiers have been combined to improve the performance of intrusion detection system. Commonly used classifiers include Support Vector Machines, Decision Trees, Genetic Algorithms, Fuzzy, Principal Component Analysis. The study employed KStar clustering and Instance Based classification algorithms to detect intrusions in NSL-KDD dataset. The results show that the ensemble we designed has a 1-error rate of 99.67% and false positive 0.33%. The response time of the anomaly is 0.18seconds. The chosen ensemble outperformed the rest of the ensembles (rPART & SMO and J48) and the base classifiers. The performance of the combiners has showed that the study has built a model with high detection, and reduced error. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Josiah, Kekere Temitope |
| author_facet |
Josiah, Kekere Temitope |
| author_sort |
Josiah, Kekere Temitope |
| title |
Ensemble methods in intrusion detection |
| title_short |
Ensemble methods in intrusion detection |
| title_full |
Ensemble methods in intrusion detection |
| title_fullStr |
Ensemble methods in intrusion detection |
| title_full_unstemmed |
Ensemble methods in intrusion detection |
| title_sort |
ensemble methods in intrusion detection |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Computing |
| granting_department |
Faculty of Computing |
| publishDate |
2015 |
| url |
http://eprints.utm.my/id/eprint/53615/25/KekereTemitopeJosiahMFC2015.pdf |
| _version_ |
1747817595000586240 |