Multi-Criteria Mathematical Programming Based Method on Network Intrusion Detection

Wang Bo; Nie Xiaowei

doi:10.7544/issn1000-1239.2015.20150587

Journal of Computer Research and Development > 2015 > 52(10): 2239-2246. > DOI: 10.7544/issn1000-1239.2015.20150587

Wang Bo, Nie Xiaowei. Multi-Criteria Mathematical Programming Based Method on Network Intrusion Detection[J]. Journal of Computer Research and Development, 2015, 52(10): 2239-2246. DOI: 10.7544/issn1000-1239.2015.20150587

Citation:

PDF (967 KB)

Multi-Criteria Mathematical Programming Based Method on Network Intrusion Detection

Wang Bo^1,2,
Nie Xiaowei³

¹(Research Center on Fictitious Economy and Data Science (University of Chinese Academy of Sciences) Beijing 100190)
²(Key Research Laboratory on Big Data Mining and Knowledge Management, Chinese Academy of Sciences (University of Chinese Academy of Sciences) Beijing 100190)
³(State Key Laboratory of Information Security, Chinese Academy of Sciences (Institute of Information Engineering, Chinese Academy of Sciences) Beijing 100093)

More Information

Published Date: September 30, 2015

Graphical Abstract

Abstract

Abstract

Multi-class classification models are often applied in real applications with multiple classes involved, such as credit card client analysis and disease diagnosis prediction. In fact, a network can be attacked by multiple hackers, which is also a typical multiple classes problem. Instead of building a firewall to prevent the network system, which is called a passive protection, one should find out the different attacking behaviors of the hackers for a positive defense. This paper promotes multi-criteria mathematical programming (MCMP) model for dealing with various kinds of attacks in network security. Without directly solving a convex mathematical programming problem, the proposed method only performs matrix computation for its optimal solution, which is easy to be realized. In addition, the concept of e-support vector is employed to facilitate the computation of large-scale applications. For nonlinear case, kernel technique is also applied. Using a newly well-known network intrusion dataset, called NSL-KDD, the paper demonstrates that the proposed method can achieve both high classification accuracies and low false alarm rates for multi-class network intrusion classification.

FullText(HTML)

References (0)

[1]	Yuan Xiaoxin, Hu Jun, Huang Yonghong. False Positive Adversarial Example Against Object Detectors[J]. Journal of Computer Research and Development, 2022, 59(11): 2534-2548. DOI: 10.7544/issn1000-1239.20210658
[2]	Xia Jing, Wang Tiancheng, Lü Tao, Li Huawei, Kuang Jishun. SER-Tvpack: An SER Estimation-Based Clustering Method for SRAM-Based FPGAs[J]. Journal of Computer Research and Development, 2014, 51(8): 1764-1772. DOI: 10.7544/issn1000-1239.2014.20120970
[3]	Zhang Zhaoliang, Chen Haiming, Huang Tingpei, Cui Li. Differentiated Bit Error Rate Estimation for Wireless Networks[J]. Journal of Computer Research and Development, 2014, 51(1): 138-150.
[4]	Zhao Yunshan, Gong Yunzhan, Zhou Ao, Wang Qian, and Zhou Hongbo. False Positive Elimination in Static Defect Detection[J]. Journal of Computer Research and Development, 2012, 49(9): 1822-1831.
[5]	Lei Shaohua, Han Yinhe, and Li Xiaowei. Soft Error Rate Analysis for Combinational Logic Using Frequency Method[J]. Journal of Computer Research and Development, 2011, 48(3): 535-544.
[6]	Sun Yan, Zhang Minxuan, Li Shaoqing, and Gao Changlei. Optimizing Soft Error Rate and Overhead of Circuits Based on Sensitive Registers Replacement[J]. Journal of Computer Research and Development, 2011, 48(1): 28-35.
[7]	Li Xin, Li Fan, Bian Xingbin, Liu Qihe. Answer Set Programming Representation for E-R Model[J]. Journal of Computer Research and Development, 2010, 47(1): 164-173.
[8]	Li Ye, Cai Yunze, Yin Rupo, Xu Xiaoming. Support Vector Machine Ensemble Based on Evidence Theory for Multi-Class Classification[J]. Journal of Computer Research and Development, 2008, 45(4): 571-578.
[9]	Sun Zhongwei, Feng Dengguo, Wu Chuankun. DWT Domain Blind Watermark Detection Based on Weak Signal Detection Theory[J]. Journal of Computer Research and Development, 2006, 43(11): 1920-1926.
[10]	Yang Wu, Yun Xiaochun, Li Jianhua. An Efficient Approach to Intrusion Detection Based on Boosting Rule Learning[J]. Journal of Computer Research and Development, 2006, 43(7): 1252-1259.