Intrusion detection based on dendritic cell algorithm and twin support vector machine

doi:10.11772/j.issn.1001-9081.2015.11.3087

Journal of Computer Applications ›› 2015, Vol. 35 ›› Issue (11): 3087-3091.DOI: 10.11772/j.issn.1001-9081.2015.11.3087

• DPCS 2015 Paper • Previous Articles Next Articles

Intrusion detection based on dendritic cell algorithm and twin support vector machine

LIANG Hong, GE Yufei, CHEN Lin, WANG Wenjiao

College of Computer and Communication Engineering, China University of Petroleum, Qingdao Shandong 266580, China

Received:2015-06-17 Revised:2015-07-17 Published:2015-11-13

基于树突细胞算法与对支持向量机的入侵检测

梁鸿, 葛宇飞, 陈林, 王雯娇

中国石油大学计算机与通信工程学院, 山东青岛 266580

通讯作者: 葛宇飞(1991-),男,黑龙江牡丹江人,硕士研究生,CCF会员,主要研究方向:高性能计算、信息安全、Web数据库.
作者简介:梁鸿(1966-),男,四川隆昌人,教授,博士,主要研究方向:高性能计算、计算机网络; 陈林(1990-),男,内蒙古呼伦贝尔人,硕士研究生,主要研究方向:高性能计算; 王雯娇(1992-),女,四川隆昌人,硕士研究生,主要研究方向:高性能计算.
基金资助:
国家自然科学基金资助项目(61309024);中央高校基本科研业务费专项资金资助项目(15CX02046A).

Abstract

Abstract: In order to solve the problem that network intrusion detection was weak in training speed, real-time process and high false positive rate when dealing with big data, a Dendritic Cell TWin Support Vector Machine (DCTWSVM) approach was proposed. The Dendritic Cell Algorithm (DCA) was firstly used for the basic intrusion detection, and then the TWin Support Vector Machine (TWSVM) was applied to optimize the first step detection outcome. The experiments were carried out for testing the performance of the approach. The experimental results show that DCTWSVM respectively improves the detection accuracy by 2.02%, 2.30%, and 5.44% compared with DCA, Support Vector Machine (SVM) and Back Propagation (BP) neural network, and reduces the false positive rate by 0.26%, 0.46%, and 0.90%. The training speed is approximately twice as the SVM, and the brief training time is another advantage. The results indicate that the DCTWSVM is suitable for the comprehensive intrusion detection environment and helpful to the real-time intrusion process.

Key words: Dendritic Cell Algorithm (DCA), TWin Support Vector Machine (TWSVM), intrusion detection, big data

摘要： 针对入侵检测技术在处理大规模数据时存在的高误报率、低训练速度和低实时性的问题,提出了一种基于树突细胞算法与对支持向量机的入侵检测策略(DCTWSVM).利用树突细胞算法(DCA)对威胁数据进行初始检测,在此基础上利用对支持向量机(TWSVM)进行检测结果的优化处理.为了验证策略的有效性,设计性能对比实验,实验结果表明,相较于DCA、支持向量机(SVM)、反向传播(BP)神经网络,DCTWSVM策略的检测精度提高了2.02%、2.30%、5.44%,误报率分别降低了0.26%、0.46%、0.90%,训练速度相较于SVM提高了两倍且只需耗费极少的训练时间,可以更好地适用于大规模数据下的实时入侵检测环境.

关键词: 树突细胞算法, 对支持向量机, 入侵检测, 大数据

CLC Number:

TP393.08

LIANG Hong, GE Yufei, CHEN Lin, WANG Wenjiao. Intrusion detection based on dendritic cell algorithm and twin support vector machine[J]. Journal of Computer Applications, 2015, 35(11): 3087-3091.

梁鸿, 葛宇飞, 陈林, 王雯娇. 基于树突细胞算法与对支持向量机的入侵检测[J]. 计算机应用, 2015, 35(11): 3087-3091.

References

[1] LIAO H, LIN C, LIN Y, et al. Intrusion detection system: a comprehensive review[J] . Journal of Network and Computer Applications, 2013, 36(1): 16-24.
[2] KREUTZ D, RAMOS F M V, ESTEVES VERISSIMO P, et al. Software-defined networking: a comprehensive survey[J]. Proceedings of the IEEE, 2015, 103(1): 14-76.
[3] AICKELIN U, DIPANKAR D. FENG G. Artificial immune systems[M]. Berlin: Springer, 2014: 187-211.
[4] HUA Y, LI T, HU X, et al. A survey of artificial immune system based intrusion detection[J]. The Scientific World Journal, 2014, 2014(3): 156790.
[5] FANG X, WANG L, KANG J, et al. On dendritic cell algorithm and its theoretical investigation[J]. Computer Science, 2015, 42(2): 131-133.(方贤进, 王丽, 康佳, 等. 树突细胞算法及其理论研究[J]. 计算机科学, 2015, 42(2): 131-133.)
[6] SALMON H M, FARIAS C M D, LOUREIRO P, et al. Intrusion detection system for wireless sensor networks using danger theory immune-inspired techniques[J]. International Journal of Wireless Information Networks, 2013, 20(1): 39-66.
[7] FENG G, GREENSMITH J, AICKELIN U. The dendritic cell algorithm for intrusion detection[M]. IGI Global: Bio-Inspired Communications and Networking, 2011: 84-102.
[8] ZONG W, HUANG G, CHEN Y. Weighted extreme learning machine for imbalance learning[J]. Neurocomputing, 2013, 101(3): 229-242.
[9] LIN W J, CHEN J J. Class-imbalanced classifiers for high-dimensional data[J]. Briefings in Bioinformatics, 2013, 14(1): 13-26.
[10] HE Q, LI N, LUO W, et al. A survey of machine learning algorithms for big data[J]. Pattern Recognition and Artificial Intelligence, 2014, 27(4): 327-336. (何清, 李宁, 罗文娟, 等. 大数据下的机器学习算法综述[J]. 模式识别与人工智能, 2014, 27(4): 327-336.)
[11] JAEHAK Y, LEE H, KIM M S, et al. Traffic flooding attack detection with SNMP MIB using SVM[J]. Computer Communications, 2008, 31(17): 4212-4219.
[12] JIANG C, ZHANG G, LI Z. Abnormal intrusion detection for embedded network system based on genetic algorithm optimised SVM[J]. Computer Applications and Software, 2011, 28(2): 287-289. (姜春茂, 张国印, 李志聪. 基于遗传算法优化SVM的嵌入式网络系统异常入侵检测[J]. 计算机应用与软件, 2011, 28(2): 287-289.)
[13] NIE P, ZANG L, LIU L. Application of multi-class classification algorithm based on twin support vector machine in intrusion detection[J]. Journal of Computer Applications, 2013, 33(2): 426-429. (聂盼盼, 臧洌, 刘雷雷. 基于对支持向量机的多类分类算法在入侵检测中的应用[J]. 计算机应用, 2013, 33(2): 426-429.)
[14] VLADIMIR V. The nature of statistical learning theory[M]. Berlin: Springer Science & Business Media, 2000: 2-6.
[15] HE J, ZHENG S. Intrusion detection model with twin support vector machines[J]. Journal of Shanghai Jiaotong University: Science, 2014, 19(4): 448-454.
[16] MANGASARIAN O L. Nonlinear programming[M]. [S.l.]: Society for Industrial and Applied Mathematics, 1993: 10.
[17] KURT A K, HALL L O, GOLDGOF D B, et al. Fast support vector machines for continuous data[J]. IEEE Transactions on Systems, Man, and Cybernetics, 2009, 39(4): 989-1001.

Intrusion detection based on dendritic cell algorithm and twin support vector machine

基于树突细胞算法与对支持向量机的入侵检测

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

[1]	ZHANG Shipeng, LI Yongzhong, DU Xiangtong. Intrusion detection model based on semi-supervised learning and three-way decision [J]. Journal of Computer Applications, 2021, 41(9): 2602-2608.
[2]	WANG Yue, JIANG Yiming, LAN Julong. Intrusion detection based on improved triplet network and K-nearest neighbor algorithm [J]. Journal of Computer Applications, 2021, 41(7): 1996-2002.
[3]	WANG Yao, SUN Guozi. Oversampling method for intrusion detection based on clustering and instance hardness [J]. Journal of Computer Applications, 2021, 41(6): 1709-1714.
[4]	ZHANG Quanlong, WANG Huaibin. Intrusion detection model based on combination of dilated convolution and gated recurrent unit [J]. Journal of Computer Applications, 2021, 41(5): 1372-1377.
[5]	REN Xiaokui, LIU Pengfei, TAO Zhiyong, LIU Ying, BAI Lichun. Indoor intrusion detection based on direction-of-arrival estimation algorithm for single snapshot [J]. Journal of Computer Applications, 2021, 41(4): 1153-1159.
[6]	ZHOU Xiang, ZHAI Junhai, HUANG Yajie, SHEN Ruicai, HOU Yingzhen. Instance selection algorithm for big data based on random forest and voting mechanism [J]. Journal of Computer Applications, 2021, 41(1): 74-80.
[7]	CAO Cejun, LIU Ju. Overview of modeling method of emergency organization decision in disaster operations management [J]. Journal of Computer Applications, 2020, 40(7): 2142-2149.
[8]	ZHU Xiaojie, ZHAO Zihao, DU Yi. PiFlow: model driven big data pipeline framework [J]. Journal of Computer Applications, 2020, 40(6): 1638-1647.
[9]	CHENG Xiaohui, NIU Tong, WANG Yanjun. Wireless sensor network intrusion detection system based on sequence model [J]. Journal of Computer Applications, 2020, 40(6): 1680-1684.
[10]	WU Wenli, LIU Guohua, ZHANG Junbao. Complexity analysis of functional query answering on big data [J]. Journal of Computer Applications, 2020, 40(2): 416-419.
[11]	OU Binli, ZHONG Xiaru, DAI Jianhua, YANG Tian. Intrusion detection method based on variable precision covering rough set [J]. Journal of Computer Applications, 2020, 40(12): 3465-3470.
[12]	LI Zhongwei, TAN Kai, GUAN Yadong, JIANG Wenqi, YE Lin. In-vehicle CAN bus-off attack and its intrusion detection algorithm [J]. Journal of Computer Applications, 2020, 40(11): 3224-3228.
[13]	LI Ziying, SHI Zhenguo. Scheduling method for big data tasks [J]. Journal of Computer Applications, 2020, 40(10): 2923-2928.
[14]	CHI Yaping, MO Chongwei, YANG Yintan, CHEN Chunxia. Design and implementation of intrusion detection model for software defined network architecture [J]. Journal of Computer Applications, 2020, 40(1): 116-122.
[15]	YANG Hongyu, WANG Fengyan. Network intrusion detection model based on improved convolutional neural network [J]. Journal of Computer Applications, 2019, 39(9): 2604-2610.