Outline
- Abstract
- Keywords
- 1. Introduction
- 2. Machine Learning Techniques
- 2.1. Pattern Classification
- 2.2. Single Classifiers
- 2.2.1. K-Nearest Neighbor
- 2.2.2. Support Vector Machines
- 2.2.3. Artificial Neural Networks
- 2.2.4. Self-Organizing Maps
- 2.2.5. Decision Trees
- 2.2.6. Naïve Bayes Networks
- 2.2.7. Genetic Algorithms
- 2.2.8. Fuzzy Logic
- 2.3. Hybrid Classifiers
- 2.4. Ensemble Classifiers
- 3. Comparisons of Related Work
- 3.1. Types of Classifier Design
- 3.2. Single Classifiers
- 3.3. Hybrid Classifiers
- 3.4. Baselines
- 3.5. Datasets
- 3.6. Feature Selection
- 4. Discussion and Conclusion
- References
Abstract
The popularity of Internet use brings with it risks of network attacks. Intrusion detection is a major research problem in network security; its aim is to identify unusual access or attacks in order to secure internal networks. In the literature, intrusion detection systems have been approached with various machine learning techniques. However, there is no review paper that examines the current status of using machine learning techniques to solve intrusion detection problems. This chapter reviews 55 related studies in the period between 2000 and 2007, focusing on the development of single, hybrid, and ensemble classifiers. Related studies are compared by their classifier design, datasets used, and other experimental setups. Current achievements and limitations in developing intrusion detection systems by machine learning are presented and discussed. A number of future research directions are also provided.
Discussion and conclusion
We have reviewed current studies of intrusion detection by machine learning techniques. In particular, this paper reviews recent papers from between 2000 and 2007. The review covers a large number of machine learning techniques used in the intrusion detection domain, including single, hybrid, and ensemble classifiers. The comparative results of the related work show that developing intrusion detection systems using machine learning techniques still needs further research. The following issues could be useful for future research.
Baseline classifiers. The single classifier chosen for model comparison and evaluation may no longer be a good candidate as the baseline classifier. It would be valuable to compare different ensemble classifiers and hybrid classifiers in terms of prediction accuracy.
The architecture of multiple classifiers. Designing more sophisticated classifiers by combining ensemble and hybrid classifiers can be examined. Since the idea behind combining multiple classifiers is that they collaborate with each other rather than compete, it may be worth combining ensemble and hybrid classifiers for intrusion detection.
Feature selection. There are a number of feature selection approaches, but the reviewed studies that consider feature selection each choose only one specific method. It is therefore not known which method performs best for intrusion detection, and in particular under which classification techniques.