Two Stages & Layered Intrusion Detection in Network Based on Extreme Learning Machine
Paper ID : 1189-ICTCK (R2)
1ماندانا مقیمی *, 2مجید وفایی جهان, 3محمد حسین معطر
2دبیر علمی چهارمین کنفرانس بین المللی سیستم های پیچیده و هوشمند
3معاونت آموزشی گروه فناوری اطلاعات
Abstract—With increasing connectivity between networks, the risk of information systems to external attacks or intrusions has increased tremendously. Machine learning methods like support vector machines (SVMs) and neural networks have been widely used for intrusion detection. These methods generally suffer from long training times, require parameter tuning, or do not perform well in multi-class classification. We propose a two stages and layered intrusion detection system based on extreme learning machine. The advantages of extreme learning machine are scalability and significant reduction in learning time than the support vector machine learning and neural networks respectively. In first level presence or absence of attack is determined. In the second level which is layered and each layer corresponds to a one attacks that commonly used in network, the class of attacks is diagnosed. In order to more and more increase of the system performance, the layers are parallel and run in a multi-core processor. Simulation result show that ELM can be detect the attacks even in large data set with short learning and testing time.
Keywords: Classification, Extreme Learning Machine, Feature Selection, Intrusion Detection, Learning Time, Neuron
Status : Paper Accepted