Next Article in Journal
Gamified Evaluation in STEAM for Higher Education: A Case Study
Next Article in Special Issue
Ensemble-Based Spam Detection in Smart Home IoT Devices Time Series Data Using Machine Learning Techniques
Previous Article in Journal
COVID-19 Public Sentiment Insights and Machine Learning for Tweets Classification
Open AccessArticle

Ensemble-Based Online Machine Learning Algorithms for Network Intrusion Detection Systems Using Streaming Data

Department of Computer Science, College of Engineering, Tennessee Tech University, Cookeville, TN 38505, USA
*
Author to whom correspondence should be addressed.
Information 2020, 11(6), 315; https://doi.org/10.3390/info11060315
Received: 14 May 2020 / Revised: 4 June 2020 / Accepted: 8 June 2020 / Published: 11 June 2020
(This article belongs to the Special Issue Machine Learning for Cyber-Physical Security)
As new cyberattacks are launched against systems and networks on a daily basis, the ability for network intrusion detection systems to operate efficiently in the big data era has become critically important, particularly as more low-power Internet-of-Things (IoT) devices enter the market. This has motivated research in applying machine learning algorithms that can operate on streams of data, trained online or “live” on only a small amount of data kept in memory at a time, as opposed to the more classical approaches that are trained solely offline on all of the data at once. In this context, one important concept from machine learning for improving detection performance is the idea of “ensembles”, where a collection of machine learning algorithms are combined to compensate for their individual limitations and produce an overall superior algorithm. Unfortunately, existing research lacks proper performance comparison between homogeneous and heterogeneous online ensembles. Hence, this paper investigates several homogeneous and heterogeneous ensembles, proposes three novel online heterogeneous ensembles for intrusion detection, and compares their performance accuracy, run-time complexity, and response to concept drifts. Out of the proposed novel online ensembles, the heterogeneous ensemble consisting of an adaptive random forest of Hoeffding Trees combined with a Hoeffding Adaptive Tree performed the best, by dealing with concept drift in the most effective way. While this scheme is less accurate than a larger size adaptive random forest, it offered a marginally better run-time, which is beneficial for online training. View Full-Text
Keywords: network intrusion detection; stream data; online learning network intrusion detection; stream data; online learning
Show Figures

Figure 1

MDPI and ACS Style

Martindale, N.; Ismail, M.; Talbert, D.A. Ensemble-Based Online Machine Learning Algorithms for Network Intrusion Detection Systems Using Streaming Data. Information 2020, 11, 315.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop