D. K. Bhattacharyya

Network attacks: Taxonomy, tools and systems

To prevent and defend networks from the occurrence of attacks, it is highly essential that we have a broad knowledge of existing tools and systems available in the public domain. Based on the behavior and possible impact or severity of damages, attacks are categorized into a number of distinct classes. In this survey, we provide a taxonomy of attack tools in a consistent way for the benefit of network security researchers. This paper also presents a comprehensive and structured survey of existing tools and systems that can support both attackers and network defenders. We discuss pros and cons of such tools and systems for better understanding of their capabilities. Finally, we include a list of observations and some research challenges that may help new researchers in this field based on our hands-on experience.

Classification of microarray cancer data using ensemble approach

An ensemble of classifiers is created by combining predictions of multiple component classifiers for improving prediction performance. In this paper, we conduct experimental comparison of J48, NB, IBK on nine microarray cancer datasets and also analyze their performance with Bagging, Boosting and Stack Generalization. The experimental results show that all ensemble methods outperform the individual classification methods. We then present a method, referred to as SD-EnClass, for combining classifiers from different classification families into an ensemble, based on a simple estimation of each classifier’s class performance. The experimental results show that the proposed model improves classification accuracy, in comparison to simply selecting the best classifier in the combination. In the second stage, we combine the results of our proposed method with the results of Boosting, Bagging and Stacking using the combining method proposed, to obtain results which are significantly better than using Boosting, Bagging or Stacking alone.

MLH-IDS: A Multi-Level Hybrid Intrusion Detection Method

With the growth of networked computers and associated applications, intrusion detection has become essential to keeping networks secure. A number of intrusion detection methods have been developed for protecting computers and networks using conventional statistical methods as well as data mining methods. Data mining methods for misuse and anomaly-based intrusion detection, usually encompass supervised, unsupervised and outlier methods. It is necessary that the capabilities of intrusion detection methods be updated with the creation of new attacks. This paper proposes a multi-level hybrid intrusion detection method that uses a combination of supervised, unsupervised and outlierbased methods for improving the efficiency of detection of new and old attacks. The method is evaluated with a captured real-time flow and packet dataset called the Tezpur University intrusion detection system (TUIDS) dataset, a distributed denial of service dataset, and the benchmark intrusion dataset called the knowledge discovery and data mining Cup 1999 dataset and the new version of KDD (NSL-KDD) dataset. Experimental results are compared with existing multi-level intrusion detection methods and other classifiers. The performance of our method is very good.

Network attacks

To prevent and defend networks from the occurrence of attacks, it is highly essential that we have a broad knowledge of existing tools and systems available in the public domain. Based on the behavior and possible impact or severity of damages, attacks are categorized into a number of distinct classes. In this survey, we provide a taxonomy of attack tools in a consistent way for the benefit of network security researchers. This paper also presents a comprehensive and structured survey of existing tools and systems that can support both attackers and network defenders. We discuss pros and cons of such tools and systems for better understanding of their capabilities. Finally, we include a list of observations and some research challenges that may help new researchers in this field based on our hands-on experience.

Review: Network attacks: Taxonomy, tools and systems

To prevent and defend networks from the occurrence of attacks, it is highly essential that we have a broad knowledge of existing tools and systems available in the public domain. Based on the behavior and possible impact or severity of damages, attacks are categorized into a number of distinct classes. In this survey, we provide a taxonomy of attack tools in a consistent way for the benefit of network security researchers. This paper also presents a comprehensive and structured survey of existing tools and systems that can support both attackers and network defenders. We discuss pros and cons of such tools and systems for better understanding of their capabilities. Finally, we include a list of observations and some research challenges that may help new researchers in this field based on our hands-on experience.

Low-Rate and High-Rate Distributed DoS Attack Detection Using Partial Rank Correlation

Distributed Denial of Service (DDoS) attacks pose a serious threat to efficient and uninterrupted Internet services. During Distributed Denial of Service (DDoS), attackers make fool of innocent servers (i.e., Slave) into reddening packets to the victim. Most low-rate DDoS attack detection mechanisms are associated with specific protocols used by the attacks. Due to the use of slave, it has been found that the traffic flow for such an attack and their response flow to the victim may have linear relationships with another. Based on this observation, we propose the Partial Rank Correlation-based Detection (PRCD) scheme to detect both low-rate and high-rate DDoS attacks. Our experimental results confirm theoretical analysis and demonstrate the effectiveness of the proposed scheme in practice.

RODD: An Effective R eference-Based O utlier D etection Technique for Large D atasets

Outlier detection has gained considerable interest in several fields of research including various sciences, medical diagnosis, fraud detection, and network intrusion detection. Most existing techniques are either distance based or density based. In this paper, we present an effective reference point based outlier detection technique (RODD) which performs satisfactorily in high dimensional real-world datasets. The technique was evaluated in terms of detection rate and false positive rate over several synthetic and real-world datasets and the performance is excellent.

An Efficient Approach on Rare Association Rule Mining

:Traditional association mining techniques are based on support-confidence framework, which enable us to generate frequent rules based on frequent itemsets identified on a market basket dataset with reference to two user defined threshold minsup and minconf. However, the infrequent itemsets referred here as rare itemsets ignored by those techniques often carry useful information in certain real life applications. This paper presents an effective method to generate frequent as well as rare itemsets and also consequently the rules. The effectiveness of the proposed method is established over several synthetic and real life datasets. To address the limitations of support-confidence based frequent and rare itemsets generation technique, a multi-objective rule generation method also has been introduced. The method has been found to perform satisfactory over several real life datasets.

A Fuzzy Mutual Information-based Feature Selection Method for Classification

Abstract In this paper, we present a feature selection method called Fuzzy Mutual Information-based Feature Selection with Non-Dominated solution (FMIFS-ND) using a fuzzy mutual information measure which selects features based on feature-class fuzzy mutual information and feature-feature fuzzy mutual information. To evaluate classification accuracy of the proposed method, a modification of the -nearest neighbor (KNN) classifier is also presented in this paper to classify instances based on the distance or similarity between individual features. The performance of both methods is evaluated on multiple UCI datasets by using four classifiers. We compare the accuracy of our feature selection method with existing feature selection methods and validate accuracy of the proposed classifier with decision trees, random forests, naive Bayes, KNN and support vector machines (SVM). Experimental results show that the feature selection method gives high classification accuracy in most high dimensional datasets as well as the accuracy of proposed classifiers outperforms the traditional KNN classifier.

Module extraction from subspace co-expression networks

Most existing algorithms for co-expression network construction for the purpose of gene expression data analysis define correlation between a pair of genes over the set of all samples as an edge. In this paper, we propose a way to represent co-expression network that traces correlation among genes over subspace of samples. A method is presented for construction of such a co-expression network. A connectivity measure is also introduced to determine connectivity among genes in the proposed representation of co-expression network. The proposed connectivity measure is used with k-means clustering algorithm to extract network modules from the sub-space co-expression network. The methodology has been applied over real life gene expression datasets and the results are validated in terms of external indices such as p value and Q value.