Abstract
Intrusion detection has become a major need in today's networked environment because of high usage levels and the security required when sensitive information is shared over the network. However, network data has several intrinsic issues that complicate the detection process. Real-time detection is also required because of the high velocity of data flow expected in this domain. This paper presents an ensemble-based intrusion detection model that handles data imbalance and noise. The entire approach has also been decentralized to enable parallelized detection. The proposed model uses a BAgged Stacking Ensemble (BASE) as the detection model. The ensemble architecture first creates data bags, enabling distributed processing. The bags are processed by multiple heterogeneous base learners. Prediction results from the base learners are passed to a stacked classifier for final predictions. This ensemble model is distributed over the network to enable decentralized processing. Experiments were performed on the NSL-KDD data and the results were compared with recent models. Comparisons with state-of-the-art models indicate the effectiveness of the proposed model.
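The bag, base-learner and stacking flow described in the abstract, as an added example that is not the paper's code. The three base learners, the perceptron stacker, the per-class bootstrap and the toy flow records are assumptions chosen for illustration, since the abstract does not name them.

```python
import random
from concurrent.futures import ThreadPoolExecutor

# Constructed toy flows: (failed-login rate, connections/sec); 1 = attack (minority).
NORMAL = [((1 + 0.1 * (i % 5), 1 + 0.1 * (i % 7)), 0) for i in range(40)]
ATTACK = [((8 + 0.1 * (i % 3), 9 - 0.1 * (i % 4)), 1) for i in range(6)]

def dist2(a, b):
    return sum((p - q) ** 2 for p, q in zip(a, b))

def mean(rows, label):
    pts = [x for x, y in rows if y == label]
    return tuple(sum(c) / len(pts) for c in zip(*pts))

def make_bags(rows, n_bags, seed=7):
    # Bootstrap each class separately so every bag keeps some minority samples.
    rng = random.Random(seed)
    by_class = [[r for r in rows if r[1] == c] for c in (0, 1)]
    return [[rng.choice(g) for g in by_class for _ in g] for _ in range(n_bags)]

def fit_centroid(bag):
    m0, m1 = mean(bag, 0), mean(bag, 1)
    return lambda x: int(dist2(x, m1) < dist2(x, m0))

def fit_stump(bag):
    thr = (mean(bag, 0)[0] + mean(bag, 1)[0]) / 2  # split on feature 0
    return lambda x: int(x[0] > thr)

def fit_1nn(bag):
    return lambda x: min(bag, key=lambda r: dist2(r[0], x))[1]

def train_bag(bag):
    # One bag is one unit of work; it needs no data from any other bag.
    return [fit(bag) for fit in (fit_centroid, fit_stump, fit_1nn)]

def fit_stacker(models, rows, epochs=5):
    # Perceptron over base-learner votes (a real stacker would use held-out votes).
    w, b = [0.0] * len(models), 0.0
    for _ in range(epochs):
        for x, y in rows:
            z = [m(x) for m in models]
            err = y - int(sum(wi * zi for wi, zi in zip(w, z)) + b > 0)
            w, b = [wi + err * zi for wi, zi in zip(w, z)], b + err
    return lambda x: int(sum(wi * m(x) for wi, m in zip(w, models)) + b > 0)

def train_ensemble(rows, n_bags=3):
    with ThreadPoolExecutor() as pool:  # threads stand in for network nodes
        per_bag = list(pool.map(train_bag, make_bags(rows, n_bags)))
    return fit_stacker([m for ms in per_bag for m in ms], rows)
```

`train_ensemble(NORMAL + ATTACK)` returns a detector function that maps a feature tuple to 0 (normal) or 1 (attack).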
© 2020 Springer Nature Singapore Pte Ltd.
Cite this paper
Sanjith, S.L., George Dharma Prakash Raj, E. (2020). Decentralized Bagged Stacking Ensemble Mechanism (DBSEM) for Anomaly Detection. In: Ranganathan, G., Chen, J., Rocha, Á. (eds) Inventive Communication and Computational Technologies. Lecture Notes in Networks and Systems, vol 89. Springer, Singapore. https://doi.org/10.1007/978-981-15-0146-3_71
DOI: https://doi.org/10.1007/978-981-15-0146-3_71
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0145-6
Online ISBN: 978-981-15-0146-3
eBook Packages: Engineering, Engineering (R0)