Improving Accuracy in Intrusion Detection Systems Using Classifier Ensemble and Clustering

Document Type: Original Manuscript

Authors

Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran

Abstract

Recently by developing the technology, the number of network-based services
is increasing, and sensitive information of users is shared through the Internet.
Accordingly, large-scale malicious attacks on computer networks could cause
severe disruption to network services so cybersecurity turns to a major concern for
networks. An intrusion detection system (IDS) could be considered as an
appropriate solution to address the cybersecurity. Despite the applying different
machine learning methods by researchers, low accuracy and high False Alarm
Rate are still critical issues for IDS. In this paper, we propose a new approach for
improving the accuracy and performance of intrusion detection. The proposed
approach utilizes a clustering-based method for sampling the records, as well as
an ensembling strategy for final decision on the class of each sample. For reducing
the process time, K-means clustering is done on the samples and a fraction of each
cluster is chosen. On the other hand, incorporating three classifiers including
Decision Tree (DT), K-Nearest-Neighbor (KNN) and Deep Learning in the
ensembling process results to an improved level of precision and confidence. The
model is tested by different kinds of feature selection methods. The introduced
framework was evaluated on NSL-KDD dataset. The experimental results yielded
an improvement in accuracy in comparison with other models

Keywords

Main Subjects