Improving Accuracy in Intrusion Detection Systems Using Classifier Ensemble and Clustering
Subject Areas : H.3. Artificial Intelligence
Ensieh Nejati 1 , Hassan Shakeri 2 , Hassan Raei 3
1 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
2 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
3 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
Keywords: Clustering, Decision tree, Intrusion Detection System, deep learning, Ensemble Classifier, K-Nearest-Neighbor
Abstract :
With the development of technology, the number of network-based services is increasing, and users' sensitive information is shared over the Internet. Accordingly, large-scale malicious attacks on computer networks can cause severe disruption to network services, so cybersecurity has become a major concern for networks. An intrusion detection system (IDS) can be considered an appropriate solution for addressing cybersecurity. Despite researchers applying different machine learning methods, low accuracy and a high False Alarm Rate are still critical issues for IDS. In this paper, we propose a new approach for improving the accuracy and performance of intrusion detection. The proposed approach utilizes a clustering-based method for sampling the records, as well as an ensembling strategy for the final decision on the class of each sample. To reduce processing time, K-means clustering is performed on the samples and a fraction of each cluster is chosen. In addition, incorporating three classifiers, namely Decision Tree (DT), K-Nearest-Neighbor (KNN) and Deep Learning, in the ensembling process results in an improved level of precision and confidence. The model is tested with different kinds of feature selection methods. The introduced framework was evaluated on the NSL-KDD dataset. The experimental results yielded an improvement in accuracy in comparison with other models.
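The sampling step described in the abstract (K-means over the records, then a fraction taken from each cluster) can be sketched as follows; this is an added example, not the authors' code. The two-dimensional records, k=2, the 25% fraction, the at-least-one-record-per-cluster rule and the use of majority voting to combine the three classifiers' outputs are all assumptions, since the abstract does not state them.

```python
import math
import random
from collections import Counter

def kmeans(points, k, iters=20):
    """Lloyd's k-means with deterministic farthest-first initialisation."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(points, key=lambda p: min(math.dist(p, c) for c in centroids)))
    for _ in range(iters):
        # Assign every record to its nearest centroid, then recompute the centroids.
        labels = [min(range(k), key=lambda j: math.dist(p, centroids[j])) for p in points]
        for j in range(k):
            members = [p for p, lab in zip(points, labels) if lab == j]
            if members:  # keep the old centroid if a cluster empties
                centroids[j] = tuple(sum(col) / len(members) for col in zip(*members))
    return labels

def sample_per_cluster(labels, fraction, seed=0):
    """Return sorted indices of `fraction` of each cluster (assumed: at least one each)."""
    rng = random.Random(seed)
    clusters = {}
    for idx, lab in enumerate(labels):
        clusters.setdefault(lab, []).append(idx)
    chosen = []
    for members in clusters.values():
        n = max(1, math.ceil(fraction * len(members)))
        chosen.extend(rng.sample(members, n))
    return sorted(chosen)

def majority_vote(predictions):
    """Combine the per-classifier labels for one record (assumed voting rule)."""
    return Counter(predictions).most_common(1)[0][0]

# Constructed data: 40 records of a common class and 4 records of a rare one.
POINTS = [(0.1 * (i % 8), 0.1 * (i // 8)) for i in range(40)]
POINTS += [(10 + 0.1 * j, 10.0) for j in range(4)]
LABELS = kmeans(POINTS, k=2)
SAMPLE = sample_per_cluster(LABELS, fraction=0.25)  # indices into POINTS
```

Because the fraction is taken inside each cluster, the small cluster still contributes a record to the reduced training set.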