Intrusion Detection System Based on Rough Set and DT-MARS
In this paper, we propose ideas about creating an Intrusion Detection System (IDS) based on the danger theory and multivariate adaptive regression splines (MARS) method. MARS is an effective method for flexible regression modeling of high dimensional data, which adapts to multifeature of intrusion detection. Fuzzy Membership Function is presented to put danger theory and MARS together, and we apply them into intrusion detection system (DT-MARS). To filter false positive alerts generated by Intrusion Detection Systems, redundant attributes are removed, and 10 attributes are obtained utilizing rough set theory in the proposed approach. Then the problem of filtering false positive alerts on the dataset with those 10 attributes is transformed to classification problem. We trained and tested on KDD1999 data set. We compare the results with support vector machines (SVM). It draws a conclusion that DT-MARS is a better method than SVM.
Intrusion Detection System (IDS) Multivariate Adaptive Regression Splines (MARS) Support Vector Machines (SVM) Danger Theory(DT) Rough Set (RS)
CHENG Xiang LIU Bingxiang
Information engineering Institute, Jingdezhen Ceramic Institute, Jindezhen, P.R.China 333001
国际会议
2008年国际应用统计学术研讨会(2008 International Institute of Applied Statistics Studies)
烟台
英文
1-4
2008-08-14(万方平台首次上网日期,不代表论文的发表时间)