- Title
- Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine
- Creator
- Khraisat, Ansam; Gondal, Iqbal; Vamplew, Peter; Kamruzzaman, Joarder; Alazab, Ammar
- Date
- 2020
- Type
- Text; Journal article
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/171394
- Identifier
- vital:14338
- Identifier
- https://doi.org/10.3390/electronics9010173
- Identifier
- ISBN:2079-9292 (ISSN)
- Abstract
- Cyberattacks are becoming increasingly sophisticated, necessitating efficient intrusion detection mechanisms to monitor computer resources and generate reports on anomalous or suspicious activities. Many Intrusion Detection Systems (IDSs) use a single classifier for identifying intrusions. Single classifier IDSs are unable to achieve high accuracy and low false alarm rates due to polymorphic, metamorphic, and zero-day behaviors of malware. In this paper, a Hybrid IDS (HIDS) is proposed by combining the C5 decision tree classifier and One Class Support Vector Machine (OC-SVM). HIDS combines the strengths of the Signature-based Intrusion Detection System (SIDS) and the Anomaly-based Intrusion Detection System (AIDS). The SIDS was developed based on the C5.0 Decision tree classifier and AIDS was developed based on the one-class Support Vector Machine (SVM). This framework aims to identify both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the benchmark datasets, namely, Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) and Australian Defence Force Academy (ADFA) datasets. Studies show that the performance of HIDS is enhanced, compared to SIDS and AIDS in terms of detection rate and low false-alarm rates. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Publisher
- MDPI AG
- Relation
- Electronics (Switzerland) Vol. 9, no. 1 (2020), p.
- Rights
- https://creativecommons.org/licenses/by/4.0/
- Rights
- © 2020 by the authors.
- Rights
- Open Access
- Rights
- This metadata is freely available under a CC0 license
- Subject
- 0906 Electrical and Electronic Engineering; Anomaly detection; C5.0 Decision tree; Cyber analytics; Data mining; Hybrid approach; Intrusion; Intrusion Detection System; Machine learning; Zero-day malware
- Full Text
- Reviewed