Abstract
Cyber attack detection is based on assumption that intrusive activities are noticeably different from normal system activities and thus detectable. A cyber attack would cause loss of integrity, confidentiality, denial of resources. The fact is that no single classifier able to give maximum accuracy for all the five classes (Normal, Probe, DOS, U2R and R2L). We have proposed a Cyber Attack Detection System (CADS) and its generic framework, which performs well for all the classes. This is based on Generalized Discriminant Analysis (GDA) algorithm for feature reduction of the cyber attack dataset and an ensemble approach of classifiers for classification of cyber attacks. The ensemble approach of classifiers classifies cyber attack based on the union of the subsets of features. Thus it can detect a wider range of attacks. The C4.5 and improved Support Vector Machine (iSVM) classifiers are combined as a hierarchical hybrid classifier (C4.5-iSVM) and an ensemble approach combining the individual base classifiers and hybrid classifier for best classification of cyber attacks. The experimental results illustrate that the proposed Cyber Attack Detection System is having improved detection accuracy for all the classes of attacks.
Highlights
Attacks on computer infrastructures are becoming an increasingly serious problem
We have investigated some new techniques for cyber attack detection system and evaluated their performance based on the benchmark KDDCUP2009 cyber attack data
We have explored C4.5 and improved Support Vector Machine (iSVM) as an cyber attack models
Summary
Attacks on computer infrastructures are becoming an increasingly serious problem. Network cyber detection is an important aspect of computer network security. Computing systems refer to computers, computer networks, and the information they handle These threats and others that are likely to appear in the future have lead to the design and development of cyber attack detection systems. We present Cyber Attack Detection System (CADS) and its generic framework, which perform well for all the classes of attack. The ensemble approach of classifiers classifies cyber attack based on the union of the subsets of features. It can detect a wider range of attacks. The C4.5 [3] and improved Support Vector Machine (iSVM) classifiers are combined as a hierarchical hybrid classifier (C4.5-iSVM) and an ensemble approach combining the individual base classifiers (C4.5 and iSVM) and hybrid classifier (C4.5iSVM) for best classification of cyber attack. The experimental results illustrate that Cyber Attack Detection System is having higher detection accuracy (minimize the false positive alarm) for the all classes of attacks and minimize training and testing times of the classifiers
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have