The practice on using machine learning for network anomaly intrusion detection

Research output: Chapters, Conference Papers, Creative and Literary WorksRGC 32 - Refereed conference paper (with host publication)peer-review

43 Scopus Citations
View graph of relations

Author(s)

  • Yu-Xin Meng

Related Research Unit(s)

Detail(s)

Original languageEnglish
Title of host publicationProceedings - International Conference on Machine Learning and Cybernetics
Pages576-581
Volume2
Publication statusPublished - 2011

Publication series

Name
Volume2
ISSN (Print)2160-133X
ISSN (electronic)2160-1348

Conference

Title2011 International Conference on Machine Learning and Cybernetics, ICMLC 2011
PlaceChina
CityGuilin, Guangxi
Period10 - 13 July 2011

Abstract

Machine learning is regarded as an effective tool utilized by intrusion detection system (IDS) to detect abnormal activities from network traffic. In particular, neural networks, support vector machines (SVM) and decision trees are three significant and popular schemes borrowed from the machine learning community into intrusion detection in recent academic research. However, these machine learning schemes are rarely employed in large-scale practical settings. In this paper, we implement and compare machine learning schemes of neural networks, SVM and decision trees in a uniform environment with the purpose of exploring the practice and issues of using these approaches in detecting abnormal behaviors. With the analysis of experimental results, we claim that the real performance of machine learning algorithms depends heavily on practical context. Therefore, the machine learning approaches are supposed to be applied in an appropriate way in terms of the actual settings. © 2011 IEEE.

Research Area(s)

  • Decision tree, Intrusion detection, Machine learning, Neural network, Support vector machine

Citation Format(s)

The practice on using machine learning for network anomaly intrusion detection. / Meng, Yu-Xin.
Proceedings - International Conference on Machine Learning and Cybernetics. Vol. 2 2011. p. 576-581 6016798.

Research output: Chapters, Conference Papers, Creative and Literary WorksRGC 32 - Refereed conference paper (with host publication)peer-review