Article

A Hybrid Network Intrusion Detection Technique Using Random Forests

Authors:

Jiong Zhang,

Mohammad ZulkernineAuthors Info & Claims

ARES '06: Proceedings of the First International Conference on Availability, Reliability and Security

Pages 262 - 269

https://doi.org/10.1109/ARES.2006.7

Published: 20 April 2006 Publication History

Publisher Site

Abstract

Intrusion detection is important in network security. Most current network intrusion detection systems (NIDSs) employ either misuse detection or anomaly detection. However, misuse detection cannot detect unknown intrusions, and anomaly detection usually has high false positive rate. To overcome the limitations of both techniques, we incorporate both anomaly and misuse detection into the NIDS. In this paper, we present our framework of the hybrid system. The system combines the misuse detection and anomaly detection components in which the random forests algorithm is applied. We discuss the advantages of the framework and also report our experimental results over the KDD'99 dataset. The results show that the proposed approach can improve the detection performance of the NIDSs, where only anomaly or misuse detection technique is used.

Cited By

View all

Resende PDrummond A(2018)A Survey of Random Forest Based Methods for Intrusion Detection SystemsACM Computing Surveys10.1145/317858251:3(1-36)Online publication date: 23-May-2018
https://dl.acm.org/doi/10.1145/3178582
Aleroud AKarabatis G(2017)Contextual information fusion for intrusion detectionKnowledge and Information Systems10.1007/s10115-017-1027-352:3(563-619)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10115-017-1027-3
Hamid YSugumaran MJournaux LAkila VSivakumar NSaruladha KZayaraz GIlavarasan E(2016)Machine Learning Techniques for Intrusion DetectionProceedings of the International Conference on Informatics and Analytics10.1145/2980258.2980378(1-6)Online publication date: 25-Aug-2016
https://dl.acm.org/doi/10.1145/2980258.2980378
Show More Cited By

Index Terms

A Hybrid Network Intrusion Detection Technique Using Random Forests

Recommendations

Random-Forests-Based Network Intrusion Detection Systems

Prevention of security breaches completely using the existing security technologies is unrealistic. As a result, intrusion detection is an important component in network security. However, many current intrusion detection systems (IDSs) are rule-based ...
A framework of cooperating intrusion detection based on clustering analysis and expert system
InfoSecu '04: Proceedings of the 3rd international conference on Information security

This paper first analyzes and compares misuse detection and anomaly detection. Misuse detection can't detect new or unknown intrusion, while anomaly detection has the shortcoming on detection rate and false alarm rate. In order to overcome their ...
A Novel Outlier Detection Scheme for Network Intrusion Detection Systems
ISA '08: Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)

Network intrusion detection system serves as a second line of defense to intrusion prevention. Anomaly detection approach is important in order to detect new attacks. This paper adopted connectivity-based outlier detection scheme from statistical field ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ARES '06: Proceedings of the First International Conference on Availability, Reliability and Security

April 2006

2031 pages

ISBN:0769525679

Publisher

IEEE Computer Society

United States

Publication History

Published: 20 April 2006

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Resende PDrummond A(2018)A Survey of Random Forest Based Methods for Intrusion Detection SystemsACM Computing Surveys10.1145/317858251:3(1-36)Online publication date: 23-May-2018
https://dl.acm.org/doi/10.1145/3178582
Aleroud AKarabatis G(2017)Contextual information fusion for intrusion detectionKnowledge and Information Systems10.1007/s10115-017-1027-352:3(563-619)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10115-017-1027-3
Hamid YSugumaran MJournaux LAkila VSivakumar NSaruladha KZayaraz GIlavarasan E(2016)Machine Learning Techniques for Intrusion DetectionProceedings of the International Conference on Informatics and Analytics10.1145/2980258.2980378(1-6)Online publication date: 25-Aug-2016
https://dl.acm.org/doi/10.1145/2980258.2980378
Guo CPing YLiu NLuo S(2016)A two-level hybrid approach for intrusion detectionNeurocomputing10.1016/j.neucom.2016.06.021214:C(391-400)Online publication date: 19-Nov-2016
https://dl.acm.org/doi/10.1016/j.neucom.2016.06.021
Chapke PDeshmukh RKhadar ST. R(2015)Intrusion Detection System using Fuzzy Logic and Data Mining TechniqueProceedings of the 2015 International Conference on Advanced Research in Computer Science Engineering & Technology (ICARCSET 2015)10.1145/2743065.2743128(1-5)Online publication date: 6-Mar-2015
https://dl.acm.org/doi/10.1145/2743065.2743128
Malik AShahzad WKhan F(2015)Network intrusion detection using hybrid binary PSO and random forests algorithmSecurity and Communication Networks10.1002/sec.5088:16(2646-2660)Online publication date: 10-Nov-2015
https://dl.acm.org/doi/10.1002/sec.508
Yeh CChi DLin Y(2014)Going-concern prediction using hybrid random forests and rough set approachInformation Sciences: an International Journal10.1016/j.ins.2013.07.011254(98-110)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.1016/j.ins.2013.07.011
Kim GLee SKim S(2014)A novel hybrid intrusion detection method integrating anomaly detection with misuse detectionExpert Systems with Applications: An International Journal10.1016/j.eswa.2013.08.06641:4(1690-1700)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.1016/j.eswa.2013.08.066
Guo CZhou YPing YZhang ZLiu GYang Y(2014)A distance sum-based hybrid method for intrusion detectionApplied Intelligence10.1007/s10489-013-0452-640:1(178-188)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.1007/s10489-013-0452-6
Verikas AGelzinis ABacauskiene M(2011)Mining data with random forestsPattern Recognition10.1016/j.patcog.2010.08.01144:2(330-349)Online publication date: 1-Feb-2011
https://dl.acm.org/doi/10.1016/j.patcog.2010.08.011
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Random-Forests-Based Network Intrusion Detection Systems

A framework of cooperating intrusion detection based on clustering analysis and expert system

A Novel Outlier Detection Scheme for Network Intrusion Detection Systems

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations