A Behavior-Based Intrusion Detection System Using Ensemble Learning Techniques

Intrusion Detection Systems (IDSs) play a key role in modern ICT security. Attacks detected and reported by IDSs are often analyzed by administrators who are tasked with countering the attack and minimizing its damage. Consequently, it is important that the alerts generated by the IDS are as detailed as possible. In this paper, we present a multi-layered behavior-based IDS using ensemble learning techniques for the classification of network attacks. Three widely adopted and appreciated models, i.e., Decision Trees, Random Forests, and Artificial Neural Networks, have been chosen to build the ensemble. To reduce the system response time, our solution is designed to immediately filter out traffic detected as benign without further analysis, while suspicious events are investigated to achieve a more fine-grained classification. Experimental evaluation performed on the CIC-IDS2017 public dataset shows that the system is able to detect nine categories of attacks with high performances, according to all the considered metrics

A cognitive architecture for ambient intelligence systems

Nowadays, the use of intelligent systems in homes and workplaces is a well-established reality. Research efforts are moving towards increasingly complex Ambient Intelligence (AmI) systems that exploit a wide variety of sensors, software modules and stand-alone systems. Unfortunately, using more data often comes at a cost, both in energy and computational terms. Finding the right trade-off between energy savings, information costs and accuracy of results is a major challenge, especially when trying to integrate many heterogeneous modules. Our approach fits into this scenario by proposing an ontology-based AmI system with a cognitive architecture, able to perceive the state of the surrounding environment, to reason on the current situation and act accordingly to modify the state of the environment based on the user’s preferences