2024-03-29T14:22:10Zhttps://riubu.ubu.es/oai/requestoai:riubu.ubu.es:10259/38602021-11-10T09:38:23Zcom_10259_3847com_10259_5086com_10259_2604col_10259_3848
00925njm 22002777a 4500
dc
Sedano, Javier
author
González González, Silvia .
author
Herrero, Alvaro
author
Baruque, Bruno
author
Corchado, Emilio
author
2012-09
As it is well known, some Intrusion Detection Systems (IDSs) suffer from high rates of false positives and negatives. A mutation technique is proposed in this study to test and evaluate the performance of a full range of classifier ensembles for Network Intrusion Detection when trying to recognize new attacks. The novel technique applies mutant operators that randomly modify the features of the captured network packets to generate situations that could not otherwise be provided to IDSs while learning. A comprehensive comparison of supervised classifiers and their ensembles is performed to assess their generalization capability. It is based on the idea of confronting brand new network attacks obtained by means of the mutation technique. Finally, an example application of the proposed testing model is specially applied to the identification of network scans and related mutations
1367-0751
http://hdl.handle.net/10259/3860
10.1093/jigpal/jzs037
Network intrusion detection
IDS performance
classifier ensembles
machine learning
zero-day attacks
mutation
Mutating network scans for the assessment of supervised classifier ensembles