DocumentCode :
3071326
Title :
Improving Performance of Anomaly-Based IDS by Combining Multiple Classifiers
Author :
Kishimoto, Kazuya ; Yamaki, Hirofumi ; Takakura, Hiroki
Author_Institution :
Sch. of Eng., Nagoya Univ., Nagoya, Japan
fYear :
2011
fDate :
18-21 July 2011
Firstpage :
366
Lastpage :
371
Abstract :
Intrusion detection systems (IDSs) play an important role to defend networks from cyber attacks. Among them, anomaly-based IDSs can detect unknown attacks like 0-day attacks that are hard to detect by using signature-based system. However, they have problems that their performance depends on a learning dataset. It is very hard to prepare an appropriate learning dataset in a static fashion, because the traffic in the Internet changes quite dynamically and complexity. In this paper, we propose a method that follows traffic trend by combining multiple classifiers. We evaluate our method using Kyoto2006+ and existing algorithm.
Keywords :
Internet; computer network security; pattern classification; 0-day attacks; Internet; Kyoto2006+; anomaly based IDS; cyber attacks; intrusion detection systems; learning dataset; multiple classifiers; Clustering algorithms; Electronic mail; Feature extraction; Internet; Servers; Testing; Training; clustering; detection rate; false positive rate; intrusion detection system;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Applications and the Internet (SAINT), 2011 IEEE/IPSJ 11th International Symposium on
Conference_Location :
Munich, Bavaria
Print_ISBN :
978-1-4577-0531-1
Electronic_ISBN :
978-0-7695-4423-6
Type :
conf
DOI :
10.1109/SAINT.2011.70
Filename :
6004187
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3071326
بازگشت