• شماره ركورد كنفرانس
    4058
  • عنوان مقاله

    A Hybrid Intrusion Detection: Combining Decision Tree and Gaussian Mixture Model

  • پديدآورندگان

    Bitaab Marzieh bitaab@cse.shirazu.ac.ir Computer Science and Engineering Dept., ECE School Shiraz University Shiraz, Iran , Hashemi Sattar s_hashemi@shirazu.ac.ir Computer Science and Engineering Dept., ECE School Shiraz University Shiraz, Iran

  • تعداد صفحه
    5
  • كليدواژه
    intrusion detection , anomaly , misuse , clustering , multi , modal
  • سال انتشار
    1396
  • عنوان كنفرانس
    چهاردهمين كنفرانس بين المللي انجمن رمز ايران
  • زبان مدرك
    انگليسي
  • چكيده فارسي
    Nowadays, cybercrimes have become a major threat for computer networks. Many researchers considered Network Intrusion Detection System (NIDS) as a layer of defense and proposed new methods for detecting malicious network traffics. In this paper, we propose a hybrid method for detecting intrusion in networks. Using hybrid techniques exploits the strength of both misuse and anomaly detection methods. In our technique, we use decision tree for the misuse detection component and Gaussian Mixture Model (GMM) for anomaly detection. The advantage of using GMM is that it can recognize the attacks, which are similar to the normal distributions. The proposed technique’s performance is evaluated on NSL-KDD dataset. Our empirical observations indicate that the proposed technique is a method of choice by offering higher accuracy and AUC while preserving lower false positive rates.
  • كشور
    ايران