Anomaly based intrusion detection through temporal classification

Shih Yin Ooi, Shing Chiang Tan, Wooi Ping Cheah

Research output: Chapter in Book/Conference proceeding; Conference contribution; peer-review

3 Citations (Scopus)

Abstract

Many machine learning techniques have been used to classify anomaly-based network intrusion data, encompassing from single classifier to hybrid or ensemble classifiers. A nonlinear temporal data classification is proposed in this work, namely Temporal-J48, where the historical connection records are used to classify the attack or predict the unseen attack. With its tree-based architecture, the implementation is relatively simple. The classification information is readable through the generated temporal rules. The proposed classifier is tested on 1999 KDD Cup Intrusion Detection dataset from UCI Machine Learning Repository. Promising results are reported for denial-of-service (DOS) and probing attack types.

Original language: English
Title of host publication: Neural Information Processing - 21st International Conference, ICONIP 2014, Proceedings
Editors: Chu Kiong Loo, Keem Siah Yap, Kok Wai Wong, Andrew Teoh, Kaizhu Huang
Publisher: Springer Verlag
Pages: 612-619
Number of pages: 8
ISBN (Electronic): 9783319126425
Publication status: Published - 2014
Externally published: Yes

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 8836
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Keywords

  • Anomaly-based intrusion detection
  • Machine learning
  • Temporal classification
  • Temporal decision tree
  • Temporal sequences

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
