Authors: S.L. Sanjith; E. George Dharma Prakash Raj
Addresses: Indian Institute of Management Tiruchirappalli, Pudukkottai Main Road, Chinna Sooriyur Village, Tiruchirappalli, 620-024, Tamil Nadu, India; School of Computer Science and Engineering, Bharathidasan University, Tiruchirappalli, 620023, Tamil Nadu, India
Abstract: Intrusion detection in networks is a challenging process, mainly due to the huge amount of data and the imbalanced nature of the data. Further, the ever-changing transmission patterns introduce concept drift, which also poses a huge challenge. This work presents a heterogeneous ensemble-based prediction model to detect anomalies in the network environment. The major goal of the proposed model is to provide faster, more efficient real-time predictions and to enhance the reliability of the model by providing an iterative mechanism to handle concept drift. The ensemble is created using three varied base learners, and their results are aggregated using a voting combiner. Decision tree, random forest, and gradient boosting trees are used as the base learners. The varied nature of the learners enables effective performance in the model. Further, reinforcement and an iterative training component are introduced into the model to handle concept drift. Experiments were performed on benchmark intrusion detection data, and the results indicate the high-performing nature of the model. Comparisons with recent state-of-the-art models in the literature indicate improved performance of the proposed ensemble model.
Keywords: ensemble model; decision tree; random forest; gradient boosting trees; voting; anomaly detection.
International Journal of Intelligent Enterprise, 2020 Vol.7 No.1/2/3, pp.155 - 165
Received: 06 Nov 2018
Accepted: 14 Jan 2019
Published online: 27 Jan 2020