Multitier ensemble classifiers for malicious network traffic detection
A malicious network traffic detection method based on a multi-level distributed ensemble classifier was proposed to address the problem that, in the current network big data environment, the attack model was not trained accurately due to the lack of some samples of attack steps, as well as...
Main Authors: | Jie WANG, Lili YANG, Min YANG |
---|---|
Format: | Article |
Language: | zho |
Published: | Editorial Department of Journal on Communications, 2018-10-01 |
Series: | Tongxin xuebao |
Subjects: | malicious network traffic; attack detection; attack phase; network flow clustering; ensemble classifier |
Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2018224/ |
_version_ | 1841539452651962368 |
---|---|
author | Jie WANG, Lili YANG, Min YANG |
collection | DOAJ |
description | A malicious network traffic detection method based on a multi-level distributed ensemble classifier was proposed to address two problems: in the current network big data environment, the attack model was not trained accurately due to the lack of some samples of attack steps, and existing ensemble classifiers were deficient in the construction of multilevel classifiers. The dataset was first preprocessed and aggregated into different clusters, then noise processing was performed on each cluster, and then a multi-level distributed ensemble classifier, MLDE, was built to detect malicious network traffic. In the MLDE ensemble framework, the base classifier was used at the bottom layer, while different ensemble classifiers were used at the non-bottom layers. The framework was simple to build. In the framework, big data sets were processed concurrently, and the size of the ensemble classifier was adjusted according to the size of the data sets. The experimental results show that the AUC value can reach 0.999 when MLDE used random forest as the base classifier in the first layer, bagging in the second layer and the AdaBoost classifier in the third layer. |
format | Article |
id | doaj-art-b70e4cfaafcc46939d4562e917060a15 |
institution | Kabale University |
issn | 1000-436X |
language | zho |
publishDate | 2018-10-01 |
publisher | Editorial Department of Journal on Communications |
record_format | Article |
series | Tongxin xuebao |
title | Multitier ensemble classifiers for malicious network traffic detection |
topic | malicious network traffic; attack detection; attack phase; network flow clustering; ensemble classifier |
url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2018224/ |