    Abstract:

    With the explosive growth in the number of network-oriented applications, intrusion detection, as an increasingly popular area, is attracting more and more research effort. Although a number of algorithms have already been presented to tackle this problem, they are unable to achieve balanced detection performance across different types of intrusion and cannot respond as quickly as expected. Employing the random forests algorithm (RFA) in intrusion detection, this paper devises an improved variant, IRFA, and presents an IRFA-based model for intrusion detection in information exchanged through network connections. The feasibility of balanced detection and the effectiveness of this approach are verified by experiments based on DARPA data sets.

Get Citation

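Guo Shanqing, Gao Cong, Yao Jian, Xie Li. An intrusion detection model based on an improved random forests algorithm. Journal of Software, 2005, 16(8): 1490-1498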

History
  • Received: March 07, 2004
  • Revised: November 03, 2004
Copyright: Institute of Software, Chinese Academy of Sciences