An intrusion detection system using network traffic profiling and online sequential extreme learning machine

Raman Singh, Harish Kumar, R.K. Singla

Research output: Contribution to journalArticlepeer-review

180 Citations (Scopus)

Abstract

Anomaly based Intrusion Detection Systems (IDS) learn normal and anomalous behavior by analyzing network traffic in various benchmark datasets. Common challenges for IDSs are large amounts of data to process, low detection rates and high rates of false alarms. In this paper, a technique based on the Online Sequential Extreme Learning Machine (OS-ELM) is presented for intrusion detection. The proposed technique uses alpha profiling to reduce the time complexity while irrelevant features are discarded using an ensemble of Filtered, Correlation and Consistency based feature selection techniques. Instead of sampling, beta profiling is used to reduce the size of the training dataset. For performance evaluation of proposed technique the standard NSL-KDD 2009 (Network Security Laboratory-Knowledge Discovery and Data Mining) dataset is used. In this paper time and space complexity of the proposed technique is also discussed. The experimental results yielded an accuracy of 98.66% with a false positive rate of 1.74% and a detection time of 2.43 s for binary class NSL-KDD dataset. The proposed IDS achieve 97.67% of accuracy with 1.74% of false positive rate in 2.65 s of detection time for multi-class NSL-KDD dataset. The Kyoto University benchmark dataset is also used to test the proposed IDS. Accuracy of 96.37% with false positive rate of 5.76% is yielded by the proposed technique. The proposed technique outperforms other published techniques in terms of accuracy, false positive rate and detection time. Based on the experimental results achieved, we conclude that the proposed technique is an efficient method for network intrusion detection.

Original languageEnglish
Pages (from-to)8609-8624
Number of pages16
JournalExpert Systems with Applications
Volume42
Issue number22
Early online date17 Jul 2015
DOIs
Publication statusPublished - 1 Dec 2015

Fingerprint

Dive into the research topics of 'An intrusion detection system using network traffic profiling and online sequential extreme learning machine'. Together they form a unique fingerprint.

Cite this