scholarly journals Cascading of C4.5 Decision Tree and Support Vector Machine for Rule Based Intrusion Detection System

2012 ◽  
Vol 4 (8) ◽  
pp. 8-20 ◽  
Author(s):  
Jashan Jashan ◽  
Monark Bag
Keyword(s):  
Support Vector Machine ◽  
Intrusion Detection ◽  
Decision Tree ◽  
Intrusion Detection System ◽  
Detection System ◽  
Support Vector ◽  
Rule Based ◽  
C4.5 Decision Tree

scholarly journals Hybrid Intrusion Detection System Based on the Stacking Ensemble of C5 Decision Tree Classifier and One Class Support Vector Machine

Electronics ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 173 ◽  
Author(s):  
Ansam Khraisat ◽  
Iqbal Gondal ◽  
Peter Vamplew ◽  
Joarder Kamruzzaman ◽  
Ammar Alazab
Keyword(s):  
Support Vector Machine ◽  
Intrusion Detection ◽  
Decision Tree ◽  
False Alarm ◽  
Intrusion Detection System ◽  
Detection System ◽  
Support Vector ◽  
Decision Tree Classifier ◽  
Tree Classifier ◽  
False Alarm Rates

Cyberttacks are becoming increasingly sophisticated, necessitating the efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of SIDS) and Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates.

scholarly journals Intelligent Intrusion Detection System Through Combined and Optimized Machine Learning

2018 ◽  
Vol 17 (02) ◽  
pp. 1850007 ◽  
Author(s):  
Syed Ali Raza Shah ◽  
Biju Issac ◽  
Seibu Mary Jacob
Keyword(s):  
Machine Learning ◽  
Support Vector Machine ◽  
Fuzzy Logic ◽  
Intrusion Detection ◽  
Open Source Software ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Rule Based

In this paper, an existing rule-based intrusion detection system (IDS) is made more intelligent through the application of machine learning. Snort was chosen as it is an open source software and though it was performing well, it showed false positives (FPs). To find the best performing machine learning algorithms (MLAs) to use with Snort so as to improve its detection, we tested some algorithms on three available datasets. Support vector machine (SVM) was chosen along with fuzzy logic and decision tree based on their accuracy. Combined versions of algorithms through ensemble SVM along with other variants were tried on the generated traffic of normal and malicious packets at 10[Formula: see text]Gbps. Optimized versions of the SVM along with firefly and ant colony optimization (ACO) were also tried, and the accuracy improved remarkably. Thus, the application of combined and optimized MLAs to Snort at 10[Formula: see text]Gbps worked quite well.

Sign in / Sign up

Export Citation Format

Share Document