Cost-sensitive spam detection using parameters optimization and feature selection

E-mail spam is no more garbage but risk since it recently includes virus attachments and spyware agents which make the recipients' system ruined, therefore, there is an emerging need for spam detection. Many spam detection techniques based on machine learning techniques have been proposed. As the amount of spam has been increased tremendously using bulk mailing tools, spam detection techniques should counteract with it. To cope with this, parameters optimization and feature selection have been used to reduce processing overheads while guaranteeing high detection rates. However, previous approaches have not taken into account feature variable importance and optimal number of features. Moreover, to the best of our knowledge, there is no approach which uses both parameters optimization and feature selection together for spam detection. In this paper, we propose a spam detection model enabling both parameters optimization and optimal feature selection; we optimize two parameters of detection models using Random Forests (RF) so as to maximize the detection rates. We provide the variable importance of each feature so that it is easy to eliminate the irrelevant features. Furthermore, we decide an optimal number of selected features using two methods; (i) only one parameters optimization during overall feature selection and (ii) parameters optimization in every feature elimination phase. Finally, we evaluate our spam detection model with cost-sensitive measures to avoid misclassification of legitimate messages, since the cost of classifying a legitimate message as a spam far outweighs the cost of classifying a spam as a legitimate message. We perform experiments on Spambase dataset and show the feasibility of our approaches

Network-based intrusion detection with support vector machines

This paper proposes a method of applying Support Vector Machines to network-based Intrusion Detection System (SVM IDS). Support vector machines(SVM) is a learning technique which has been successfully applied in many application areas. Intrusion detection can be considered as two-class classification problem or multi-class classification problem. We used dataset from 1999 KDD intrusion detection contest. SVM IDS was learned with triaing set and tested with test sets to evaluate the performance of SVM IDS to the novel attacks. And we also evaluate the importance of each feature to improve the overall performance of IDS. The results of experiments demonstrate that applying SVM in Intrusion Detection System can be an effective and efficient way for detecting intrusions

A survivable distributed sensor networks through stochastic models

The previous security architectures and mechanisms for distributed sensor networks only focus on confidentiality, integrity and authentication. The distributed sensor networks should have the ability to provide essential services in the presence of attacks and failures, and recover full services in a timely manner. In this paper, we present stochastic models for survivable distributed sensor networks. We define states of cluster based sensor networks and analyze the distributed sensor networks using stochastic models in mathematical manner. The evaluation results with the proof of concept scenario show our approach has a feasibility to design survivable distributed sensor networks

Towards optimal software rejuvenation in wireless sensor networks using self-regenerative components

The existing researchers on security for sensor networks have mostly concerned about only reconfiguration or only rejuvenation or both mechanisms for adaptation of sensor networks. In this paper we employ self-regenerative software components in order to perform optimal software rejuvenation in wireless sensor network with a view to increase the availability of sensor nodes in sensor networks. Here, the model uses self-regenerative capabilities for detecting misbehaving in node level and apply software rejuvenation in optimal time scheduling in order to extend the availability of sensor networks. In this paper we propose a general framework for optimal self-regenerative rejuvenation Scheduling. The security analysis shows the feasibility of our approach

Availability Analysis and Improvement of Software Rejuvenation Using Virtualization

Availability of business-critical application servers is an issue ofparamount importance that has received special attention from the industry and academia. To improve the availability of application servers, we have conducted a study of virtualization technology and software rejuvenation that follows a proactive fault-tolerant approach to counter act the software aging problem. We present Markov models for analyzing availability in such continuously running applications and express availability, downtime and downtime costs during rejuvenation in terms of the parameters in the models. Our results show that our approach is a practical way to ensure uninterrupted availability and optimize performance for even strongly aging applications

Towards survivable sensor networks using self-regenerative rejuvenation and reconfiguration

The previous works in sensor networks security have focused on the aspect of confidentiality, authentication and integrity based on cryptographic primitives. There has been no prior work to assess the survivability in systematic way. In this paper, we propose a framework for enhancing the survivability of sensor networks using self-regenerative software rejuvenation and reconfiguration. We utilize self-regenerative capabilities for detecting misbehaving in node level and apply software rejuvenation and reconfiguration methodology or both in order to extend the availability of sensor networks. The security analysis shows the feasibility of our approach