TY - GEN
T1 - An ANN Based Sequential Detection Method for Balancing Performance Indicators of IDS
AU - Zhao, Hao
AU - Feng, Yaokai
AU - Koide, Hiroshi
AU - Sakurai, Kouichi
PY - 2019/11
Y1 - 2019/11
N2 - In recent years, the number of cyber attacks has been increasing rapidly and network security has become an important issue. As a vital component of defense against network threats, intrusion detection system (IDS) was introduced and machine learning algorithms have been widely used in such systems for high detection performance. There are several evaluation indices such as false positive rate, false negative rate, and so on. A problem is that these indices are often related to each other. For example, while we try to decrease the false positive rate, the false negative rate often tends to increase, and vice versa. In this study, we proposed an ANN based sequential classifier method to mitigate this problem. Specifically, we try to train ANN to have a low false positive rate, despite which may lead to high false negative rate. Then, the reported negative instances are sent to the next ANN to make a further investigation, where the false negative instances reported at the previous ANN may be classified correctly. In this way, the final false negative rate can also be improved greatly. The results of the experiment shows that the proposed method can bring lower false negative rate and higher accuracy of detection while making the false positive rate at an acceptable level. Moreover, the optimum number of ANNs for our proposal is also investigated and discussed in this study.
AB - In recent years, the number of cyber attacks has been increasing rapidly and network security has become an important issue. As a vital component of defense against network threats, intrusion detection system (IDS) was introduced and machine learning algorithms have been widely used in such systems for high detection performance. There are several evaluation indices such as false positive rate, false negative rate, and so on. A problem is that these indices are often related to each other. For example, while we try to decrease the false positive rate, the false negative rate often tends to increase, and vice versa. In this study, we proposed an ANN based sequential classifier method to mitigate this problem. Specifically, we try to train ANN to have a low false positive rate, despite which may lead to high false negative rate. Then, the reported negative instances are sent to the next ANN to make a further investigation, where the false negative instances reported at the previous ANN may be classified correctly. In this way, the final false negative rate can also be improved greatly. The results of the experiment shows that the proposed method can bring lower false negative rate and higher accuracy of detection while making the false positive rate at an acceptable level. Moreover, the optimum number of ANNs for our proposal is also investigated and discussed in this study.
UR - http://www.scopus.com/inward/record.url?scp=85078943397&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85078943397&partnerID=8YFLogxK
U2 - 10.1109/CANDAR.2019.00039
DO - 10.1109/CANDAR.2019.00039
M3 - Conference contribution
T3 - Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019
SP - 239
EP - 244
BT - Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th International Symposium on Computing and Networking, CANDAR 2019
Y2 - 26 November 2019 through 29 November 2019
ER -