An Unknown Attack Detection Scheme Based on Semi-supervised Learning and Information Gain Ratio

Meng-Fan Xu,
Xing-Hua Li,
Mei-Xia Miao,
Cheng Zhong,
Jian-Feng Ma,

Abstract


State-of-the-art intrusion detection schemes employ machine learning techniques to identify unknown attacks with the network traffic data features. However, due to the lack of enough training set, the difficulty of quantitatively and adaptively selecting features, the existing schemes cannot detect unknown attacks effectively. To address this issue, this paper first proposes an improved k-means driven semi-supervised learning algorithm to enlarge the training set accurately with a small amount of labelled dataset for the detection model. Furthermore, information gain ratio aware random forest is utilized to determine the impact of different features and their weight voting for determination of unknown attacks, which can not only retain the information of features at utmost, but also adjust the weights of different features adaptively against dynamic attacks. Extensive experiments indicate that this scheme can detect unknown attacks effectively with more than 91% accuracy and less than 5% false negative rate over three real-world datasets. Compared with existing schemes, the accuracy is increased by at least 15.85%, while the false negative rate is decreased by more than 51.98%.


Citation Format:
Meng-Fan Xu, Xing-Hua Li, Mei-Xia Miao, Cheng Zhong, Jian-Feng Ma, "An Unknown Attack Detection Scheme Based on Semi-supervised Learning and Information Gain Ratio," Journal of Internet Technology, vol. 20, no. 2 , pp. 629-636, Mar. 2019.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Library and Information Center, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd. Shoufeng, Hualien 97401, Taiwan, R.O.C.
Tel: +886-3-931-7017  E-mail: jit.editorial@gmail.com