ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2015, Vol. 52, Issue (10): 2239-2246. doi: 10.7544/issn1000-1239.2015.20150587

Special Issue: 2015 Research Progress in Network Security and Privacy Protection


Multi-Criteria Mathematical Programming Based Method on Network Intrusion Detection

Wang Bo1,2, Nie Xiaowei3   

  1. Research Center on Fictitious Economy and Data Science (University of Chinese Academy of Sciences), Beijing 100190
  2. Key Research Laboratory on Big Data Mining and Knowledge Management, Chinese Academy of Sciences (University of Chinese Academy of Sciences), Beijing 100190
  3. State Key Laboratory of Information Security, Chinese Academy of Sciences (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093
  • Online: 2015-10-01

Abstract: Multi-class classification models are often used in real applications that involve multiple classes, such as credit card client analysis and disease diagnosis prediction. A network can be attacked by multiple hackers, which is also a typical multi-class problem. Instead of building a firewall to protect the network system, which is a passive form of protection, one should identify the different attack behaviors of the hackers in order to mount an active defense. This paper proposes a multi-criteria mathematical programming (MCMP) model for dealing with various kinds of attacks in network security. Rather than directly solving a convex mathematical programming problem, the proposed method obtains its optimal solution using only matrix computation, which is easy to implement. In addition, the concept of the e-support vector is employed to facilitate computation in large-scale applications. For the nonlinear case, the kernel technique is also applied. Using a recent, well-known network intrusion dataset called NSL-KDD, the paper demonstrates that the proposed method can achieve both high classification accuracy and low false alarm rates for multi-class network intrusion classification.

Key words: network intrusion detection, multi-class classification problem, multi-criteria mathematical programming (MCMP), e-support vector, false alarm rate
