Manas Ranjan Patra

A Comparative Study of Data Mining Algorithms for Network Intrusion Detection

Data mining techniques are being applied in building intrusion detection systems to protect computing resources against unauthorised access. In this paper, the performance of three well known data mining classifier algorithms namely, ID3, J48 and Naive Bayes are evaluated based on the 10-fold cross validation test. Experimental results using the KDDCuppsila99 IDS data set demonstrate that while Naive Bayes is one of the most effective inductive learning algorithms, decision trees are more interesting as far as the detection of new attacks is concerned.

Hybrid intelligent systems for predicting software reliability

In this paper, we propose novel recurrent architectures for Genetic Programming (GP) and Group Method of Data Handling (GMDH) to predict software reliability. The effectiveness of the models is compared with that of well-known machine learning techniques viz. Multiple Linear Regression (MLR), Multivariate Adaptive Regression Splines (MARS), Backpropagation Neural Network (BPNN), Counter Propagation Neural Network (CPNN), Dynamic Evolving Neuro-Fuzzy Inference System (DENFIS), TreeNet, GMDH and GP on three datasets taken from literature. Further, we extended our research by developing GP and GMDH based ensemble models to predict software reliability. In the ensemble models, we considered GP and GMDH as constituent models and chose GP, GMDH, BPNN and Average as arbitrators. The results obtained from our experiments indicate that the new recurrent architecture for GP and the ensemble based on GP outperformed all other techniques.

Discriminative multinomial Naïve Bayes for network intrusion detection

This paper applies discriminative multinomial Naïve Bayes with various filtering analysis in order to build a network intrusion detection system. For our experimental analysis, we used the new NSL-KDD dataset, which is considered as a modified dataset for KDDCup 1999 intrusion detection benchmark dataset. We perform 2 class classifications with 10-fold cross validation for building our proposed model. The experimental results show that the proposed approach is very accurate with low false positive rate and takes less time in comparison to other existing approaches while building an efficient network intrusion detection system.

The application of intelligent and soft-computing techniques to software engineering problems: a review

This paper presents a comprehensive review of the work done during 1990–2008 in the application of intelligent techniques to solve software engineering (SE) problems. The review is categorised according to the type of intelligent technique applied viz. (1) neural networks (NNs), (2) fuzzy logic, (3) genetic algorithm, (4) decision tree, (5) case base reasoning and (6) other techniques subsuming soft computing. Further, the source of the data set and the results whenever available are also provided. We find that NNs is the most often used non-parametric method in SE and there exists immense scope to apply other equally famous methods such as fuzzy logic, decision trees and rough sets. The review is going to be useful to researchers as a starting point as it provides important future research directions. For practitioners also, the review would be useful. This would eventually lead to better decision making in SE thereby ensuring better, more reliable and cost effective software products.

Ensembling Rule Based Classifiers for Detecting Network Intrusions

An intrusion is defined as a violation of the security policy of the system, and hence, intrusion detection mainly refers to the mechanisms that are developed to detect violations of system security policy. Recently, data mining techniques have gained importance in providing the valuable information which in turn can help to enhance the decision on identifying the intrusions (attacks). In this paper; we evaluate the performance of various rule based classifiers like: JRip, RIDOR, NNge and Decision Table using ensemble approach in order to build an efficient network intrusion detection system. We use KDDCup’99, intrusion detection benchmark dataset (which is a part of DARPA evaluation program) for our experimentation. It can be observed from the results that the proposed approach is accurate in detecting network intrusions, provides low false positive rate, simple, reliable and faster in building an efficient network intrusion system.

Network intrusion detection system: a machine learning approach

Intrusion detection systems IDSs are currently drawing a great amount of interest as a key part of system defence. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Recently, machine learning methodologies are playing an important role in detecting network intrusions or attacks, which further helps the network administrator to take precautionary measures for preventing intrusions. In this paper, we propose to use ten machine learning approaches that include Decision Tree J48, Bayesian Belief Network, Hybrid Naive Bayes with Decision Tree, Rotation Forest, Hybrid J48 with Lazy Locally weighted learning, Discriminative multinomial Naive Bayes, Combining random Forest with Naive Bayes and finally ensemble of classifiers using J48 and NB with AdaBoost AB to detect network intrusions efficiently. We use NSL-KDD dataset, a variant of widely used KDDCup 1999 intrusion detection benchmark dataset, for evaluating our proposed machine learning approaches for network intrusion detection. Finally, Experimental results with 5-class classification are demonstrated that include: Detection rate, false positive rate, and average cost for misclassification. These are used to aid a better understanding for the researchers in the domain of network intrusion detection.

Semi-Naïve Bayesian Method for Network Intrusion Detection System

Intrusion detection can be considered as a classification task that attempts to classify a request to access network services as safe or malicious. Data mining techniques are being used to extract valuable information that can help in detecting intrusions. In this paper, we evaluate the performance of rule based classifiers like: JRip, RIDOR, NNge and Decision Table (DT) with Naive Bayes (NB) along with their ensemble approach. We also propose to use the Semi-Naive Bayesian approach (DTNB) that combines Naive Bayes with the induction of Decision Tables in order to enhance the performance of an intrusion detection system. Experimental results show that the proposed approach is faster, reliable, and accurate with low false positive rates, which are the essential features of an efficient network intrusion detection system.

An event based, non-intrusive monitoring framework for Web Service Based Systems

Monitoring of Web Service Based Systems (SBS) in a non-intrusive and composition platform independent manner is a real challenge. In this paper, we propose a framework for monitoring the compliance of SBS for which a set of requirements have been pre-specified. These requirements may include behavioral properties of the SBS and/or assumptions that service providers may specify in terms of events extracted from the SBS. In the proposed framework the SBS runs independent of the monitoring functionality. A Monitor Specification Language (MSL) has been developed to specify the properties of the system to be monitored at run-time. The language has the ability to specify boolean, statistical, and time-related properties. The specifications are automatically translated into executable C programs which act as run-time monitors. The monitors thus generated monitor the specified properties by capturing run-time events from the business layer, service layer and infrastructure layer of the SBS.

Hybrid intelligent systems for detecting network intrusions

This paper intends to develop some novel hybrid intelligent systems by combining naive Bayes with decision trees NBDT and by combining non-nested generalized exemplar NNge and extended repeated incremental pruning JRip rule-based classifiers NNJR to construct a multiple classifier system to efficiently detect network intrusions. We also use ensemble design using AdaBoost to enhance the detection rate of the proposed hybrid system. Further, to have a better overall detection, we propose to combine farthest first traversal FFT clustering with classification techniques to obtain another two hybrid methods such as DTFF DT+FFT and FFNN NNge+FFT. Finally, we use Bayesian belief network with Tabu search combined with NNge for better detection rate. Because most of the anomaly detection uses binary labels, that is, anomaly or normal, without discussing more details about the attack types, we perform two-class classification for our proposed methodologies in this paper. Substantial experiments are conducted using NSL-KDD dataset, which is a modified version of KDD99 intrusion dataset. Finally, empirical results with a detailed analysis for all the approaches show that hybrid classification with clustering DTFF provides the best anomaly detection rate among all others. Copyright

Software Reliability Prediction Using Group Method of Data Handling

The main purpose of this paper is to propose the use of Group Method of Data Handling (GMDH) to predict software reliability. The GMDH algorithm presented in this paper is a heuristic self-organization method. It establishes the input-output relationship of a complex system using multilayered perception type structure that is similar to a feed forward multilayer neural network. The effectiveness of GMDH is demonstrated on a dataset taken from literature. Its performance is compared with that of multiple linear regression (MLR), back propagation trained neural networks (BPNN), threshold accepting trained neural network (TANN), general regression neural network (GRNN), pi-sigma network (PSN), dynamic evolving neuro-fuzzy inference system (DENFIS), TreeNet, multivariate adaptive regression splines (MARS) and wavelet neural network (WNN) in terms of normalized root mean square error (NRMSE). Based on experiments conducted, it is found that GMDH predicted reliability with least error compared to other techniques. Hence, GMDH can be used a sound alternative to the existing techniques for software reliability prediction.