09-10-2010, 05:23 PM
Layered Approach Using Conditional Random Fields for Intrusion Detection
Kapil Kumar Gupta, Baikunth Nath, Senior Member, IEEE, and Ramamohanarao Kotagiri, Member, IEEE
Abstract—Intrusion detection faces a number of challenges; an intrusion detection system must reliably detect malicious activities in a network and must perform efficiently to cope with the large amount of network traffic. In this paper, we address these two issues of Accuracy and Efficiency using Conditional Random Fields and Layered Approach. We demonstrate that high attack detection accuracy can be achieved by using Conditional Random Fields and high efficiency by implementing the Layered Approach. Experimental results on the benchmark KDD ’99 intrusion data set show that our proposed system based on Layered Conditional Random Fields outperforms other well-known methods such as the decision trees and the naive Bayes. The improvement in attack detection accuracy is very high, particularly, for the U2R attacks (34.8 percent improvement) and the R2L attacks (34.5 percent improvement). Statistical Tests also demonstrate higher confidence in detection accuracy for our method. Finally, we show that our system is robust and is able to handle noisy data without compromising performance.