Title: Performance evaluation of intrusion detection system using classifier ensembles

Authors: Bayu Adhi Tama; Kyung-Hyune Rhee

Addresses: Laboratory of Information Security and Internet Applications, Department of IT Convergence and Application Engineering, Pukyong National University, South Korea ' Laboratory of Information Security and Internet Applications, Department of IT Convergence and Application Engineering, Pukyong National University, South Korea

Abstract: An intrusion detection system (IDS) plays a critical role in computer protection systems. Numerous approaches such as machine learning, data mining, and statistical techniques have been examined for IDS task. Recent studies reveal that combining multiple classifiers, i.e., classifiers ensemble, may possess better performance compared to single classifier. In this paper, we conduct a comparative study of the performance of five renowned ensemble techniques, i.e., bagging, stacking, boosting, rotation forest, and voting, based on three base classifiers, i.e., decision tree (C4.5), convolutional neural network (CNN), and support vector machine (SVM). Based on the experimental results, boosting and stacking perform better than bagging, rotation forest, and voting scheme. In particular, boosting-C4.5 and stacking possess the best performance in terms of performance metrics such as accuracy, precision, recall, and AUC value.

Keywords: intrusion detection systems; IDS; ensemble classification; performance indicators; data security; bagging; stacking; boosting; rotation forest; voting; decision tree; convolutional neural networks; CNNs; support vector machines; SVM.

DOI: 10.1504/IJIPT.2017.083033

International Journal of Internet Protocol Technology, 2017 Vol.10 No.1, pp.22 - 29

Available online: 13 Mar 2017 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article