ACTIVE LEARNING TO DEFEND POISONING ATTACK AGAINST SEMI-SUPERVISED INTRUSION DETECTION CLASSIFIER

2011 ◽  
Vol 19 (supp01) ◽  
pp. 93-106
Author(s):  
JUN LONG ◽  
WENTAO ZHAO ◽  
FANGZHOU ZHU ◽  
ZHIPING CAI
Keyword(s):  
Active Learning ◽  
Intrusion Detection ◽  
Computer Security ◽  
Supervised Learning ◽  
High Accuracy ◽  
Intrusion Detection Systems ◽  
Learning Needs ◽  
Detection Systems ◽  
Learning Classifier ◽  
Learning Techniques

Intrusion detection systems play an important role in computer security. To make intrusion detection systems adaptive to changing environments, supervised learning techniques had been applied in intrusion detection. However, supervised learning needs a large amount of training instances to obtain classifiers with high accuracy. Limited to lack of high quality labeled instances, some researchers focused on semi-supervised learning to utilize unlabeled instances enhancing classification. But involving the unlabeled instances into the learning process also introduces vulnerability: attackers can generate fake unlabeled instances to mislead the final classifier so that a few intrusions can not be detected. In this paper we show that the attacker could mislead the semi-supervised intrusion detection classifier by poisoning the unlabeled instances. And we propose a defend method based on active learning to defeat the poisoning attack. Experiments show that the poisoning attack can reduce the accuracy of the semi-supervised learning classifier and the proposed defending method based on active learning can obtain higher accuracy than the original semi-supervised learner under the presented poisoning attack.

scholarly journals The Use of Artificial-Intelligence-Based Ensembles for Intrusion Detection: A Review

2012 ◽  
Vol 2012 ◽  
pp. 1-20 ◽  
Author(s):  
Gulshan Kumar ◽  
Krishan Kumar
Keyword(s):  
Artificial Intelligence ◽  
Intrusion Detection ◽  
Supervised Learning ◽  
Ensemble Learning ◽  
Classification Performance ◽  
Intrusion Detection Systems ◽  
Future Directions ◽  
Comprehensive Review ◽  
Detection Systems ◽  
Combination Methods

In supervised learning-based classification, ensembles have been successfully employed to different application domains. In the literature, many researchers have proposed different ensembles by considering different combination methods, training datasets, base classifiers, and many other factors. Artificial-intelligence-(AI-) based techniques play prominent role in development of ensemble for intrusion detection (ID) and have many benefits over other techniques. However, there is no comprehensive review of ensembles in general and AI-based ensembles for ID to examine and understand their current research status to solve the ID problem. Here, an updated review of ensembles and their taxonomies has been presented in general. The paper also presents the updated review of various AI-based ensembles for ID (in particular) during last decade. The related studies of AI-based ensembles are compared by set of evaluation metrics driven from (1) architecture & approach followed; (2) different methods utilized in different phases of ensemble learning; (3) other measures used to evaluate classification performance of the ensembles. The paper also provides the future directions of the research in this area. The paper will help the better understanding of different directions in which research of ensembles has been done in general and specifically: field of intrusion detection systems (IDSs).

scholarly journals On evaluation of Network Intrusion Detection Systems: Statistical analysis of CIDDS-001 dataset using Machine Learning Techniques

2019 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Learning Techniques ◽  
Network Intrusion Detection Systems ◽  
Secure Networks

In the era of digital revolution, a huge amount of data is being generated from different networks on a daily basis. Security of this data is of utmost importance. Intrusion Detection Systems are found to be one the best solutions towards detecting intrusions. Network Intrusion Detection Systems are employed as a defence system to secure networks. Various techniques for the effective development of these defence systems have been proposed in the literature. However, the research on the development of datasets used for training and testing purpose of such defence systems is equally concerned. Better datasets improve the online and offline intrusion detection capability of detection model. Benchmark datasets like KDD 99 and NSL-KDD cup 99 obsolete and do not contain network traces of modern attacks like Denial of Service, hence are unsuitable for the evaluation purpose. In this work, a detailed analysis of CIDDS-001 dataset has been done and presented. We have used different well-known machine learning techniques for analysing the complexity of the dataset. Eminent evaluation metrics including Detection Rate, Accuracy, False Positive Rate, Kappa statistics, Root mean squared error have been used to show the performance of employed machine learning techniques.

Towards secure intrusion detection systems using deep learning techniques: Comprehensive analysis and review

2021 ◽  
pp. 103111
Author(s):  
Sang-Woong Lee ◽  
Haval Mohammed sidqi ◽  
Mokhtar Mohammadi ◽  
Shima Rashidi ◽  
Amir Masoud Rahmani ◽  
...  
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Comprehensive Analysis ◽  
Intrusion Detection Systems ◽  
Detection Systems ◽  
Learning Techniques

scholarly journals Machine Learning confronted with the operational constraints of detection systems

2019 ◽  
Vol 1 (1) ◽  
pp. 1-7
Author(s):  
Sridarala Ramu ◽  
Daniel Osaku
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Academic Research ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Detection Model ◽  
Detection Systems ◽  
Learning Techniques ◽  
High Level ◽  
Operational Constraints

Intrusion detection systems, traditionally based on signatures, have not escaped the recent appeal of machine learning techniques. While the results presented in academic research articles are often excellent, security experts still have many reservations about the use of Machine Learning in intrusion detection systems. They generally fear an inadequacy of these techniques to operational constraints, in particular because of a high level of expertise required, or a large number of false positives. In this article, we show that Machine Learning can be compatible with the operational constraints of detection systems. We explain how to build a detection model and present good practices to validate it before it goes into production. The methodology is illustrated by a case study on the detection of malicious PDF files and we offer a free tool, SecuML, to implement it.

Sign in / Sign up

Export Citation Format

Share Document