請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55133
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 王勝德 | |
dc.contributor.author | Zhi-Jie Zhang | en |
dc.contributor.author | 張智傑 | zh_TW |
dc.date.accessioned | 2021-06-16T03:48:26Z | - |
dc.date.available | 2017-03-13 | |
dc.date.copyright | 2015-03-13 | |
dc.date.issued | 2015 | |
dc.date.submitted | 2015-01-27 | |
dc.identifier.citation | [1] ACMSIGKDD, 'http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html'. 1999.
[2] N. B. AMOR, S. BENFERHAT, and Z. ELOUEDI. 'Naive bayes vs decision trees in intrusion detection systems'. in Proceedings of the 2004 ACM symposium on Applied computing. 2004. ACM. [3] Z. A. BAIG, A. S. SHAHEEN, and R. ABDELAAL. 'An AODE-based intrusion detection system for computer networks'. in Internet Security (WorldCIS), 2011 World Congress on. 2011. IEEE. [4] V. BOLON-CANEDO, N. SANCHEZ-MARONO, and A. ALONSO-BETANZOS, 'Feature selection and classification in multiple class datasets: An application to KDD Cup 99 dataset'. Expert Systems with Applications, 2011. 38(5): p. 5947-5957. [5] V. BOLON-CANEDO, N. SANCHEZ-MAROO, and A. ALONSO-BETANZOS. 'A combination of discretization and filter methods for improving classification performance in KDD Cup 99 dataset'. in Neural Networks, 2009. IJCNN 2009. International Joint Conference on. 2009. IEEE. [6] BRO. 2014; Available from: https://www.bro.org/index.html. [7] V. CHANDOLA, A. BANERJEE, and V. KUMAR, 'Anomaly detection: A survey'. ACM Computing Surveys (CSUR), 2009. 41(3): p. 15. [8] S. CHEBROLU, A. ABRAHAM, and J. P. THOMAS, 'Feature deduction and ensemble design of intrusion detection systems'. Computers & Security, 2005. 24(4): p. 295-307. [9] CISCO. 2014; Available from: http://www.cisco.com/c/en/us/solutions/service-provider/visual-networking-index-vni/index.html. [10] G. F. COOPER and E. HERSKOVITS, 'A Bayesian method for the induction of probabilistic networks from data'. Machine learning, 1992. 9(4): p. 309-347. [11] S. F. CRONE, S. LESSMANN, and R. STAHLBOCK, 'The impact of preprocessing on data mining: An evaluation of classifier sensitivity in direct marketing'. European Journal of Operational Research, 2006. 173(3): p. 781-800. [12] M. DASH and H. LIU, 'Consistency-based search in feature selection'. Artificial Intelligence, 2003. 151(1-2): p. 155-176. [13] J. DERRAC, S. GARCIA, L. SANCHEZ, and F. HERRERA, 'KEEL Data-Mining Software Tool: Data Set Repository, Integration of Algorithms and Experimental Analysis Framework'. Journal of Multiple-Valued Logic and Soft Computing 2011. [14] C. ELKAN, 'Results of the KDD'99 Classifier Learning Contest'. 1999. [15] G. GIACINTO and F. ROLI, 'An approach to the automatic design of multiple classifier systems'. Pattern recognition letters, 2001. 22(1): p. 25-33. [16] E. GUILLEN, J. RODRIGUEZ, R. PAEZ, and A. RODRIGUEZ. 'Detection of non-content based attacks using GA with extended KDD features'. in Proceedings of the world congress on engineering and computer science. 2012. [17] M. A. HALL, Correlation-based feature selection for machine learning. 1999, The University of Waikato. [18] H. HE and E. A. GARCIA, 'Learning from imbalanced data'. Knowledge and Data Engineering, IEEE Transactions on, 2009. 21(9): p. 1263-1284. [19] D. HECKERMAN, A tutorial on learning with Bayesian networks, in Innovations in Bayesian Networks. 2008, Springer. p. 33-82. [20] P. HELMAN, G. LIEPINS, and W. RICHARDS. 'Foundations of intrusion detection [computer security]'. in Computer Security Foundations Workshop V, 1992. Proceedings. 1992. IEEE. [21] S.-J. HORNG, M.-Y. SU, Y.-H. CHEN, T.-W. KAO, et al., 'A novel intrusion detection system based on hierarchical clustering and support vector machines'. Expert Systems with Applications, 2011. 38(1): p. 306-313. [22] W. HU, W. HU, and S. MAYBANK, 'Adaboost-based algorithm for network intrusion detection'. Systems, Man, and Cybernetics, Part B: Cybernetics, IEEE Transactions on, 2008. 38(2): p. 577-583. [23] L. KOC, T. A. MAZZUCHI, and S. SARKANI, 'A network intrusion detection system based on a Hidden Naive Bayes multiclass classifier'. Expert Systems with Applications, 2012. 39(18): p. 13492-13500. [24] R. KOHAVI and G. H. JOHN, 'Wrappers for feature subset selection'. Artificial intelligence, 1997. 97(1): p. 273-324. [25] H. LIU and R. SETIONO, 'Feature selection via discretization'. IEEE Transactions on knowledge and Data Engineering, 1997. 9(4): p. 642-645. [26] S. PEDDABACHIGARI, A. ABRAHAM, C. GROSAN, and J. THOMAS, 'Modeling intrusion detection system using hybrid intelligent systems'. Journal of Network and Computer Applications, 2007. 30(1): p. 114-132. [27] J. R. QUINLAN, C4. 5: programs for machine learning. Vol. 1. 1993: Morgan kaufmann. [28] J. J. RODRIGUEZ, L. I. KUNCHEVA, and C. J. ALONSO, 'Rotation forest: A new classifier ensemble method'. Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2006. 28(10): p. 1619-1630. [29] M. SABHNANI and G. SERPEN. 'Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context'. in MLMTA. 2003. [30] K. SCARFONE and P. MELL, 'Guide to intrusion detection and prevention systems (idps)'. NIST special publication, 2007. 800(2007): p. 94. [31] M. K. SIDDIQUI and S. NAAHID, 'Analysis of KDD CUP 99 Dataset using Clustering based Data Mining'. International Journal of Database Theory and Application, 2013. 6(5): p. 23-34. [32] B. SIERRA, N. SERRANO, P. LARRANAGA, E. J. PLASENCIA, et al., 'Using Bayesian networks in the construction of a bi-level multi-classifier. A case study using intensive care unit patients data'. Artificial Intelligence in Medicine, 2001. 22(3): p. 233-248. [33] S. S. SIVATHA SINDHU, S. GEETHA, and A. KANNAN, 'Decision tree based light weight intrusion detection using a wrapper approach'. Expert Systems with Applications, 2012. 39(1): p. 129-141. [34] SNORT. 2014; Available from: https://www.snort.org/. [35] M. TAVALLAEE, E. BAGHERI, W. LU, and A.-A. GHORBANI. 'A detailed analysis of the KDD CUP 99 data set'. in Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009. 2009. [36] A. N. TOOSI and M. KAHANI, 'A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers'. Computer Communications, 2007. 30(10): p. 2201-2212. [37] WEKA. 2014; Available from: http://www.cs.waikato.ac.nz/~ml/weka/. [38] S. WOLD, K. ESBENSEN, and P. GELADI, 'Principal component analysis'. Chemometrics and intelligent laboratory systems, 1987. 2(1): p. 37-52. [39] C. XIANG, P. C. YONG, and L. S. MENG, 'Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees'. Pattern Recognition Letters, 2008. 29(7): p. 918-924. [40] L. XIAO, Y. CHEN, and C. K. CHANG. 'Bayesian Model Averaging of Bayesian Network Classifiers for Intrusion Detection'. in Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International. 2014. IEEE. [41] Y. YANG and G. I. WEBB, Proportional k-interval discretization for naive-Bayes classifiers, in Machine learning: ECML 2001. 2001, Springer. p. 564-575. [42] D.-Y. YEUNG and C. CHOW. 'Parzen-window network intrusion detectors'. in Pattern Recognition, 2002. Proceedings. 16th International Conference on. 2002. IEEE. [43] Z. ZHAO and H. LIU. 'Searching for Interacting Features'. in IJCAI. 2007. | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55133 | - |
dc.description.abstract | 網路活動在近幾年行動裝置普及和雲端化趨勢的推動下有顯著成長,因此入侵偵測系統的存在是非常重要的。由於實際網路流量中相對於正常連接,攻擊的存在是少量的,因此許多基於統計模型的監督式入侵偵測系統不易偵測與分類這些少量但有害的攻擊。本研究中,提出一個基於多個分類器的結合並透過階層式分類平衡數據量的入侵偵測系統,依資料中各類的錯誤成本敏感程度與類包含資料的數目作為分割依據,利用多個二元分類器與一個多類分類器將資料中的每一類依序找出。此方法優點在於富彈性適合各種流行的分類演算法,同時不需修改原始訓練資料統計分布,可以降低入侵偵測中因為原始訓練資料集的各類資料數量相差過大造成的分類誤差,對錯誤成本較敏感的網路入侵資料平均成本也有降低。實驗與結果評估採用KDD CUP 99 資料集入侵偵測資料集以及其修改後之ND-KDD資料集測試,在ND-KDD資料集實驗,四種演算法使用階層式多重分類器的錯誤率平均降低百分之十六,平均成本降低百分之十三。 | zh_TW |
dc.description.abstract | Recently, under the popularity of mobile device and the driving of cloud computing, the network activities has grown remarkably. Thus, the Intrusion Detection Systems become very important. Compare to the regular connection, the attacks are relatively lesser in actual Internet traffic. Therefore, lots of supervisor’s intrusion detection systems, which are designed by the basis of statistical model are not easy to detect and classify those few but harmful attacking. In the paper, we propose an Intrusion Detection System which is based on the multi-classifier that can balance the numbers of data through hierarchical classifications. The different sensitivity of all various error cost and the numbers of data included in class are the basis of dividing. We take multi binary-classifier and single multiclass classifier to find every class from data in order. The benefit of the way is rich of flexibility and suitable for all kinds of popular classifcation algorithms. During intrusion detecting, it can less the classify errors which were caused by the variances in the numbers of all types of original training data set without modifying the distribution of original training data. It also less the average cost for intrusion detection data which are sensitive to error cost. The assessment of experimental method and result will be testified adopting KDD CUP 99 and the modified ND-KDD. In the ND-KDD, the four kinds of algorithms, which are hierarchical multi classifications can less 16% error rates and 13% average costs. | en |
dc.description.provenance | Made available in DSpace on 2021-06-16T03:48:26Z (GMT). No. of bitstreams: 1 ntu-104-R01921025-1.pdf: 1391679 bytes, checksum: 3b968da19368f3140697c494f1cdef2f (MD5) Previous issue date: 2015 | en |
dc.description.tableofcontents | 摘要 ii
Abstract iii 第一章 緒論 1 第一節 入侵偵測系統 1 第二節 不平衡資料集 2 第三節 貢獻 2 第四節 論文架構 3 第二章 相關文獻 4 第一節 網路入侵偵測 4 第二節 多分類器 4 第三節 不平衡資料集 5 第三章 分類器 6 第一節 預處理 6 第一項 離散化 7 第二項 屬性選擇 7 第二節 分類演算法 8 第一項 Naive Bayes分類器 8 第二項 Bayesian Network分類器 9 第三項 Hidden Naive Bayes分類器 10 第四項 決策樹 10 第四章 研究方法 12 第一節 資料集 12 第一項 KDD CUP 99資料集 12 第二項 ND-KDD資料集 15 第二節 系統架構 17 第一項 重新平衡資料 17 第二項 訓練分類器 20 第三節 評估函數 20 第一項 精確度與錯誤率 20 第二項 平均成本 21 第三項 新型態攻擊 22 第五章 實驗與結果 23 第一節 分層方式差異 23 第二節 單一多類分類器比較 23 第一項 錯誤率 24 第二項 平均成本 25 第三項 新型態攻擊 26 第三節 其他研究比較 27 第四節 其他平衡方式 28 第五節 其他不平衡資料集 30 第六節 討論 33 第六章 結論與未來方向 34 參考文獻 35 | |
dc.language.iso | zh-TW | |
dc.title | 適用於網路入侵偵測不平衡資料之階層式多重分類器 | zh_TW |
dc.title | A Novel Hierarchical Multi-classifier for Imbalanced Dataset in Network Intrusion Detection | en |
dc.type | Thesis | |
dc.date.schoolyear | 103-1 | |
dc.description.degree | 碩士 | |
dc.contributor.oralexamcommittee | 雷欽隆,于天立,鄧惟中 | |
dc.subject.keyword | 入侵偵測系統,不平衡資料集,階層式分類器, | zh_TW |
dc.subject.keyword | Intrusion detection systems,imbalanced dataset,hierarchical classifier, | en |
dc.relation.page | 38 | |
dc.rights.note | 有償授權 | |
dc.date.accepted | 2015-01-27 | |
dc.contributor.author-college | 電機資訊學院 | zh_TW |
dc.contributor.author-dept | 電機工程學研究所 | zh_TW |
顯示於系所單位: | 電機工程學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-104-1.pdf 目前未授權公開取用 | 1.36 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。