Inter
national
J
our
nal
of
Electrical
and
Computer
Engineering
(IJECE)
V
ol.
6,
No.
5,
October
2016,
pp.
2432
–
2436
ISSN:
2088-8708
2432
Re
view
of
IDS
De
v
elepment
Methods
in
Machine
Lear
ning
Abdulla
Amin
Ab
ur
omman
*
and
Mamun
Bin
Ibne
Reaz
*
*
Department
of
Electrical,
Electronic
&
Systems
Engineering,
F
aculty
of
Engineering
&
Built
En
vironment,
Na
tional
Uni
v
ersity
of
Malaysia,
43600
UKM
Bangi,
Selangor
,
Malaysia
Article
Inf
o
Article
history:
Recei
v
ed
May
24,
2016
Re
vised
Jul
10,
2016
Accepted
Jul
25,
2016
K
eyw
ord:
Clustering
Ensemble
methods
Hybrid
system
IDS
Machine
learning
ABSTRA
CT
Due
to
the
rapid
adv
ancement
of
kno
wledge
and
technologies,
the
problem
of
decision
mak-
ing
is
getting
more
sophisticated
to
address,
therefore
the
in
v
enting
of
ne
w
methods
to
solv
e
it
is
v
ery
important.
One
of
the
promising
directions
in
machine
learning
and
data
mining
is
classifier
combination.
The
popularity
of
this
approach
is
c
onfirmed
by
the
still
gro
wing
number
of
publications.
This
re
vie
w
paper
focuses
mainly
on
classifier
combination
kno
wn
also
as
combined
classifie
r
,
multiple
classifier
systems,
or
classifier
ensemble.
Ev
entually
,
recommendations
and
suggestions
ha
v
e
also
included.
Copyright
c
2016
Institute
of
Advanced
Engineering
and
Science
.
All
rights
r
eserved.
Corresponding
A
uthor:
Abdulla
Amin
Ab
uromman
Department
of
Electrical,
Electronic
&
Systems
Engineering,
F
aculty
of
Engineering
&
Built
En
vironment,
National
Uni
v
ersity
of
Malaysia
43600
UKM
Bangi,
Selangor
,
Malaysia.
Email:
reoroman@hotmail.com
1.
INTR
ODUCTION
In
today’
s
huge
on-line
communications,
safe
guarding
the
precious
information
from
slipping
into
the
hands
of
hack
ers
is
the
greatest
obstacle.
In
spite
of
these
types
of
risks,
the
IDS
try
v
ery
hard
to
fight
the
c
yber
-attacks.
IDS
is
sorted
to
misuse
and
anomaly
detection.
In
misuse
detection,
the
IDS
e
v
aluate
the
data
it
collects
and
compares
it
to
the
huge
data
source
of
attack
s
ignatures
that
define
v
arious
attack
kinds.
In
anomaly
detection,
the
system
administrator
identifies
the
normal
state
of
netw
ork’
s
traf
fic,
and
then
an
y
identification
of
pattern
which
does
not
conform
to
an
anticipat
ed
sa
v
ed
normal
state
will
be
identified
anomaly
.
IDS
can
be
seen
as
pat
tern
recognition.
There
are
three
methods
of
pattern
recognition,
(i)
data
acquisition,
where
data
are
g
athered.
(ii)
Data
processing,
where
data
are
processed
to
eliminate
redundant
features,
and
(iii)
pattern
classification.
There
are
some
challenges
in
pattern
classification.
First,
the
huge
v
olume
of
data;
second,
finding
an
ef
fecti
v
e
technique
to
cope
using
numeric
features;
finally
,
research
in
the
area
of
pattern
recognition
sho
w
that
binomial
distrib
utions
cannot
represent
i
ts
beha
vior
,
meaning
that
con
v
entional
methods
of
parametric
statistical
might
not
assist.
Finally
,
pattern
recognition
issues
in
v
olv
e
other
kinds
of
classification
including
intrusion
detection.
There
are
se
v
eral
well-kno
wn
dat
asets
used
in
the
analysis
of
IDS.
KDD
cup
99
dataset
is
most
f
amous
one,
follo
wed
by
NSL-KDD
which
is
recommended
to
solv
e
a
number
of
the
inherent
issues
in
KDD’99.
2.
RELA
TED
W
ORK
Dif
ferent
approaches
ha
v
e
implemented
to
create
a
perfect
IDS
using
data
mining
and
machine
learning
methods.
P
atel
and
Buddhade
v
[1],
proposed
an
architecture
of
h
ybrid
IDS
based
on
misuse
and
anomaly
detection.
The
y
used
Snort
softw
are
(free
and
open
source
softw
are
for
IDS
and
IPS)
to
capture
and
analyze
netw
ork
pack
ets.
The
y
used
string
searching
algorithm
called
”AhoCorasick
algorithm”
to
compare
the
incoming
pattern
with
sa
v
ed
one
in
the
signature
database,
if
there
is
a
match,
an
alarm
will
rise,
if
not,
the
pattern
will
be
passed
to
anomaly
detector
for
further
classification.
Y
et,
the
authors
did
not
describe
which
algorithm
the
y
used
in
the
anomaly
model,
nor
pro
vide
e
xperiments
based
on
their
suggested
model.
J
ournal
Homepage:
http://iaesjournal.com/online/inde
x.php/IJECE
Evaluation Warning : The document was created with Spire.PDF for Python.
IJECE
ISSN:
2088-8708
2433
Hlaing,
Thuzar
[2],
proposed
feature
selection
based
on
Mutual
Correlation
method
to
reduce
the
34
contin-
uous
KDD
99
datas
et
features
to
10.
He
utilized
Fuzzy
Decision
T
ree
as
a
classifier
to
dif
ferentiate
between
normal
and
4
classes
of
attack.
He
compares
his
approach
with
Neural
Netw
ork+
SVM,
Fuzzy
Logi,
and
C4.5.
The
author
pro
v
es
that
his
approach
could
compete
others
in
term
of
accurac
y
,
though
it
could
be
great
in
terms
of
comparison
if
the
author
implemented
the
Mutual
Correlation
feature
selection
with
other
classifiers
as
well,
especially
with
the
strong
C4.5
DT
classifier
.
Chandrashekhar
and
Raghuv
eer
[3]
e
v
aluates
4
clustering
methods:
fuzzy
c-means,
Mountai,
Subtracti
v
e,
and
k-means
clustering
using
the
well
kno
wn
KDD
99
dataset.
Their
results
sho
w
that
fuzzy
c-means
and
k-means
clustering
performed
better
in
terms
of
computation
time
and
accurac
y
.
T
aghanaki
et.al
[4],
combined
tw
o
feature
e
xtraction
methods,
LD
A,
and
PCA
based
on
RBF
Neural
Netw
ork
as
pattern
classifier
.
Utilizing
W
eka
(Data
Mining
softw
are),
the
y
used
KDD
99
dataset
for
e
v
aluating
their
approach
and
compare
the
results
ag
ainst
K
ernel
Discriminant
Analysis
(KD
A),
Local
Liner
Embedding
(LLE),
Principal
Com-
ponent
Analysis
(PCA),
and
Linear
Discri
minant
Analysis
(LD
A).
Their
e
xperiments
indicates
that
their
proposed
approach
could
achie
v
e
better
results.
Y
ingmei
and
Songtao
[5]
proposed
classification
in
ad
hoc
netw
orks
based
on
impro
v
ed
k-means
clustering
algorithm
and
Hybrid
Genetic
Algorithm
(HGA).
The
impro
v
ed
k-means
clustering
used
to
split
the
data
to
normal
and
anomaly
traf
fic,
and
the
HGA
used
to
classify
the
intrusion
beha
vior
.
Using
KDD
99
for
the
e
xperiment,
the
results
sho
w
impro
v
ed
detection
accurac
y
and
lo
w
f
alse
positi
v
e
(FP)
rate.
3.
SINGLE
P
A
TTERN
RECOGNITION
Earlier
times,
pattern
recognition
concentrated
on
de
v
eloping
single
classifiers.
The
V
ast
majority
of
these
approaches
are
well
recognized
among
pattern
recognition
and
machine
learning
communities.
The
follo
wing
is
a
brief
history
about
well
kno
w
single
classifiers.
Fuzzy
logic:
it
is
a
potential
technique
suggested
by
Zadeh
(1965),
to
cope
with
decision-making
strate
gies
by
applying
IF-THEN
rules.
It
can
solv
e
the
non-linear
problems
and
can
pro
vide
a
linguistic
representation.
Liu
et.al.
[5],
proposed
IDS
model
based
on
fuzzy
logic
and
(Na
¨
ıv
e
Bayes
(NB)
classifiers,
where
fuzzy
system
emplo
yed
to
e
v
aluate
the
potential
threats
.
The
results
sho
w
that
fuzzy
system
could
decrease
the
f
alse
alarm
rate
and
pro
vide
better
e
v
aluation
of
the
potential
threats.
Artificial
Neural
Netw
orks
(ANN):
it
is
one
of
the
most
current
ef
fecti
v
e
classification
methods.
V
ersatility
and
the
natural
speed
are
the
adv
antages
of
choosi
ng
ANN
in
the
data
classification.
It
can
handle
the
multi-
v
ariables,
non-linear
data
sets.
Bitter
et.al.
[6],
discussed
critical
cases
in
intrusions
lik
e
spam,
w
orm,
and
DoS
being
resolv
ed
by
ANN.
He
reports
that
dataset
characteristics,
such
as
size,
format,
and
dimensionality
are
v
ery
critical
in
order
to
model
a
successful
ANN.
K
-Nearest
Neighbors:
it
is
well-kno
wn
classification
algorithm,
which
utilizes
distance
measurement.
It
con-
siders
that
the
whole
selection
of
sample
consists
of
the
perfect
classification
for
each
and
e
v
ery
single
item.
T
o
classify
a
ne
w
object,
the
algorithm
calculates
the
distance
between
e
v
ery
object
and
considers
objects
that
are
near
to
each
other
are
from
the
same
class.
Support
V
ector
Machine
(SVM):
is
a
technique
created
by
V
apnik
(1998).
SVM
construct
a
h
yperplane
between
tw
o
datasets
and
try
to
maximize
the
mar
gin
between
tw
o
classes
to
impro
v
e
classification
accurac
y
.
Na
¨
ıv
e
Baye
(NB):
broadly
utilized
method
in
classifications
purposes.
It
ass
umes
that
each
feature
has
its
o
wn
independenc
y
among
others.
It
is
based
on
Directed
Ac
yclic
Graph
(D
A
G),
where
nodes
are
used
to
depict
the
features
and
arcs
depict
their
dependencies.
Decision
T
rees
(DT):
In
DT
classification
the
feature
attitudes
e
xplaining
more
details
about
the
information.
F
or
an
ef
ficient
cl
assification,
the
features
with
highest
information
g
ain
(IG)
are
the
better
.
DT
contains
nodes,
arcs
(edges),
and
lea
v
es.
Nodes
represent
the
se
gmented
features,
arcs
(edges)
is
the
outcome
of
an
y
node
(children
of
that
node),
and
lea
v
es
represent
the
classified
class
using
a
decision
v
alue.
4.
HYBRID
AND
ENSEMBLE
P
A
TTERN
RECOGNITION
The
h
ybrid
and
ensemble
classification
methods
seek
to
combine
more
tha
n
one
classifier
to
boost
their
ef
ficienc
y
in
order
to
impro
v
e
the
classification
accurac
y
and
help
to
understand
dif
ferent
problems.
In
literature,
se
v
eral
approaches
for
classifiers
combination
proposed.T
able
1
illustrates
the
detail
ed
numbers
of
the
articles
used
h
ybrid
and
ensemble
methods.
IDS
r
e
vie
w
in
ML
(Abdulla
Ab
ur
omman)
Evaluation Warning : The document was created with Spire.PDF for Python.
2434
ISSN:
2088-8708
T
able
1.
Homogeneous
ensembles
for
IDS
Hybrid
Classifiers
Ensemble
Classifiers
[7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21],
[22,
23,
24,
25,
26,
27,
28,
29,
30,
31]
5.
DISCUSSION
AND
CONCLUSION
The
abo
v
e
approaches
lead
to
the
subsequent
issues:
Data
h
ybridization
and
kno
wledge
related
issues.
1.
Explicitly
and
constanc
y
in
kno
wledge
and
data.
2.
Pri
v
ac
y
of
data.
3.
Inte
gration
between
kno
wledge
and
data.
4.
Cost
of
data
acquire.
Classification
issues
in
the
h
ybrid
system.
1.
T
aking
into
consideration
the
di
v
ersity
between
classifiers
ensemble,
and
processing
time.
2.
Utilize
v
oting
strate
gy
in
the
ensemble.
3.
Utilize
other
functions,
such
as
parametric
model
The
quality
of
designing
classifier
depends
on
a
good
prior
kno
wledge.
If
the
learning
w
as
incomplete
or
unrepresentati
v
e,
this
may
create
a
sub-standard
classifier
.
It
is
v
ery
useful
to
not
emplo
y
the
data
from
the
same
source.
Besides,
subsequent
questions
also
should
be
satisfy:
1.
Does
combining
data
tak
en
from
undependable
resources
going
to
reduce
classification
quality?
and
what
is
the
quality
of
such
data?
2.
Ho
w
to
combine
dif
ferent
classifires.
i.e.
we
can
train
dif
ferent
classifiers
on
dif
ferent
subset
of
data,
then
we
deside
which
method
to
use
to
combine
them,
still
there
are
probelms
re
g
arding
the
qulity
method
of
learning.
3.
Is
the
classifier
learning
on
consistent
material?
If
we
w
ould
lik
e
to
combine
another
materials
for
learning
the
classfier
tak
en
from
other
source,
then
such
combinations
could
produce
instability
.
Besides,
instability
classification
methods
should
be
analyzed
the
follo
wing:
Instability
classification
methods
and
remo
v
al
out
of
the
actual
rule
set.
Instability
classification
methods
in
other
learning
data
set.
Instability
classification
methods
and
remo
v
al
between
learning
samples
and
rules.
4.
Ho
w
to
satisfy
limits
enforced
on
data
source?
it
is
generally
under
resitrection
of
la
w
due
to
pri
v
a
c
y
reasons.
so
we
should
tak
e
into
account
the
safety
of
pri
v
ac
y
.
5.
No
wdays,
making
decision
with
high-quality
could
be
in
hand,
b
ut
v
e
y
e
xpensi
v
e.
This
is
a
cost-sensiti
v
e
information
relation
issue.
i.e.
the
trade-of
f
between
data
cost
and
e
xpected
medical
diagnosis
results
in
medical
scenario.
W
e
observ
ed
the
abo
v
e
issues.
W
e
also
obser
v
ed
that
man
y
studies
did
not
consider
classifier
combination
based
on
feature
space
partitioning,
h
ybrid
classifiers
based
on
one-class
cl
assification
paradigm,
or
classifier
ensemble
for
data
stream
classification.
This
should
be
good
moti
v
ation
for
future
research.
IJECE
V
ol.
6,
No.
5,
October
2016:
2432
–
2436
Evaluation Warning : The document was created with Spire.PDF for Python.
IJECE
ISSN:
2088-8708
2435
REFERENCES
[1]
K.
K.
P
atel
and
B.
V
.
Buddhade
v
,
“
An
architecture
of
h
ybrid
intrusion
detection
system,
”
International
J
ournal
of
Information
and
Network
Security
,
v
ol.
2,
no.
2,
p.
197,
2013.
[2]
T
.
Hlaing,
“Feature
selection
and
fuzzy
decision
tree
for
netw
ork
intrusion
detection,
”
International
J
ournal
of
Informatics
and
Communication
T
ec
hnolo
gy
(IJ-ICT)
,
v
ol.
1,
no.
2,
pp.
109–118,
2012.
[3]
A.
Chandrashekhar
and
K.
Raghuv
eer
,
“Performance
e
v
aluation
of
data
clustering
techniques
using
kdd
cup-99
intrusion
detection
data
set,
”
International
journal
of
information
and
network
security
,
v
ol.
1,
no.
4,
p.
294,
2012.
[4]
S.
A.
T
aghanaki,
B.
Z.
Dehk
ordi,
A.
Hatam,
and
B.
Bahraminejad,
“Synthetic
feature
transformation
with
rbf
neural
netw
ork
to
impro
v
e
the
intrusion
detection
system
accurac
y
and
decrease
computational
costs,
”
Interna-
tional
J
ournal
of
Information
and
Network
Security
,
v
ol.
1,
no.
1,
p.
28,
2012.
[5]
L.
Liu,
P
.
W
an,
Y
.
W
ang,
and
S.
Liu,
“Clustering
and
h
ybrid
genetic
algorithm
based
intrusion
detection
strate
gy
,
”
Indonesian
J
ournal
of
Electrical
Engineering
and
Computer
Science
,
v
ol.
12,
no.
1,
pp.
762–770,
2014.
[6]
C.
Bitter
,
D.
A.
Elizondo,
and
T
.
W
atson,
“
Application
of
artificial
neural
netw
orks
and
related
techniques
to
intrusion
detection,
”
in
The
2010
International
J
oint
Confer
ence
on
Neur
al
Networks
(IJCNN)
.
IEEE,
2010,
pp.
1–8.
[7]
B.
Shanmug
am
and
N.
B.
Idris,
Hybrid
intrusion
detection
systems
(HIDS)
using
Fuzzy
lo
gic
.
INTECH
Open
Access
Publisher
,
2011.
[8]
A.
Herrero
and
E.
Corchado,
Mobile
Hybrid
Intrusion
Detection
.
Springer
,
2014.
[9]
R.
Mandal
and
S.
Y
ada
v
,
“
An
impro
v
ed
intrusion
system
design
using
h
ybrid
classification
technique,
”
Interna-
tional
J
ournal
of
Computer
Applications
,
v
ol.
117,
no.
10,
2015.
[10]
H.
Bostani
and
M.
Sheikhan,
“Hybrid
of
binary
gra
vitational
search
algorithm
and
mutual
information
for
feature
selection
in
intrusion
detection
systems,
”
Soft
Computing
,
pp.
1–18,
2015.
[11]
R.
Sujendran
and
M.
Arunachalam,
“Hybrid
fuzzy
adapti
v
e
wiener
filtering
with
optimization
for
intrusion
de-
tection,
”
ETRI
J
ournal
,
v
ol.
37,
no.
3,
pp.
502–511,
2015.
[12]
A.
Dhi
vya
and
S.
Si
v
anandan,
“Hybrid
fuzzy
jordan
netw
ork
for
rob
ust
and
ef
ficient
intrusion
detection
system,
”
Indian
J
ournal
of
Science
and
T
ec
hnolo
gy
,
v
ol.
8,
no.
34,
2015.
[13]
S.
Mouroug
an
and
M.
Aramudhan,
“Hybrid
e
v
olutionary
algorithmn
based
intrusion
detection
s
ystem
for
denial
of
service
attacks,
”
Indian
J
ournal
of
Science
and
T
ec
hnolo
gy
,
v
ol.
8,
no.
35,
2015.
[14]
S.
Dube
y
and
J.
Dube
y
,
“Kbb:
A
h
ybrid
method
for
intrusion
detect
ion,
”
in
Computer
,
Communication
and
Contr
ol
(IC4),
2015
International
Confer
ence
on
.
IEEE,
2015,
pp.
1–6.
[15]
Y
.
Canbay
and
S.
Sagiroglu,
“
A
h
ybrid
method
for
intrusion
detection,
”
in
2015
IEEE
14th
International
Confer
-
ence
on
Mac
hine
Learning
and
Applications
(ICMLA)
.
IEEE,
2015,
pp.
156–161.
[16]
S.
K.
Sharma,
D.
Bhattacharyya,
M.
R.
P
atra,
and
T
.-h.
Kim,
“
A
ne
w
parallel
h
ybrid
model-intrusion
pre
v
ention
systems,
”
in
2015
8th
International
Confer
ence
on
Security
T
ec
hnolo
gy
(SecT
ec
h)
.
IEEE,
2015,
pp.
17–24.
[17]
T
.
P
atil
and
B.
Joshi,
“Impro
v
ed
ackno
wledgement
intrusion
detection
system
in
manets
using
h
ybrid
crypto-
graphic
technique,
”
in
2015
International
Confer
ence
on
Applied
and
Theor
etical
Computing
and
Communica-
tion
T
ec
hnolo
gy
(iCA
TccT)
.
IEEE,
2015,
pp.
636–641.
[18]
G.
P
.
Rout
and
S.
N.
Mohanty
,
“
A
h
ybrid
approach
for
netw
ork
intrusion
detection,
”
in
Communication
Systems
and
Network
T
ec
hnolo
gies
(CSNT),
2015
F
ifth
International
Confer
ence
on
.
IEEE,
2015,
pp.
614–617.
[19]
M.
E.
Haque
and
T
.
M.
Alkharobi,
“
Adapti
v
e
h
ybrid
model
for
netw
ork
intrusion
detection
and
comparison
among
machine
learning
algorithms,
”
International
J
ournal
of
Mac
hine
Learning
and
Computing
,
v
ol.
5,
no.
1,
p.
17,
2015.
[20]
K.
Kaur
and
N.
Kaur
,
“
A
h
ybrid
approach
of
fuzzy
c-mean
clustering
and
genetic
algorithm
(g
a)
to
impro
v
e
intrusion
detection
rate,
”
International
J
ournal
of
Science
and
Resear
c
h
,
2015.
[21]
A.
T
esf
ahun
and
D.
L.
Bhaskari,
“Ef
fecti
v
e
h
ybrid
intrusion
detection
system:
A
layered
approach,
”
International
J
ournal
of
Computer
Network
and
Information
Security
,
v
ol.
7,
no.
3,
p.
35,
2015.
[22]
L.-W
.
Chen,
“Netw
ork
intrusion
detection
model
with
clustering
ensemble
method,
”
International
J
ournal
of
Security
and
Its
Applications
,
v
ol.
9,
no.
11,
pp.
239–250,
2015.
[23]
A.
Cuzzocrea,
G.
F
olino,
and
P
.
Sabatino,
“
A
distrib
uted
frame
w
ork
for
supporting
adapti
v
e
ensemble-based
intrusion
detection,
”
in
Big
Data
(Big
Data),
2015
IEEE
International
Confer
ence
on
.
IEEE,
2015,
pp.
1910–
1916.
[24]
M.
Sreenath
and
J.
Udhayan,
“Intrusion
detection
system
using
bagging
ensemble
selection,
”
in
Engineering
and
T
ec
hnolo
gy
(ICETECH),
2015
IEEE
International
Confer
ence
on
.
IEEE,
2015,
pp.
1–4.
[25]
M.
Millik
en,
Y
.
Bi,
L.
Gal
w
ay
,
and
G.
Ha
we,
“Ensemble
learning
utilising
feature
pairings
for
i
ntrusion
detec-
tion,
”
in
2015
W
orld
Congr
ess
on
Internet
Security
(W
orldCIS)
.
IEEE,
2015,
pp.
24–31.
IDS
r
e
vie
w
in
ML
(Abdulla
Ab
ur
omman)
Evaluation Warning : The document was created with Spire.PDF for Python.
2436
ISSN:
2088-8708
[26]
P
.
Sornsuwit
and
S.
Jaiyen,
“Intrusion
detection
m
od
e
l
based
on
ensemble
learning
for
u2r
and
r2l
attacks,
”
in
2015
7th
International
Confer
ence
on
Information
T
ec
hnolo
gy
and
Electrical
Engineering
(ICITEE)
.
IEEE,
2015,
pp.
354–359.
[27]
D.
Gaikw
ad
and
R.
C.
Thool,
“Intrusion
detection
system
using
bagging
ensemble
method
of
machine
learning,
”
in
Computing
Communication
Contr
ol
and
A
utomation
(ICCUBEA),
2015
International
Confer
ence
on
.
IEEE,
2015,
pp.
291–295.
[28]
P
.
Amudha,
S.
Karthik,
and
S.
Si
v
akumari,
“Intrusion
detection
base
d
on
core
v
ector
machine
and
ensemble
classification
methods,
”
in
Soft-Computing
and
Networks
Security
(ICSNS),
2015
International
Confer
ence
on
.
IEEE,
2015,
pp.
1–5.
[29]
L.
Nan
and
X.
Chun-Zhi,
“
A
w
a
v
elet
transform
based
support
v
ector
machine
ensemble
algorithm
and
its
ap-
plication
in
netw
ork
intrusion
detection,
”
in
Intellig
ent
Systems
Design
and
Engineering
Applications
(ISDEA),
2014
F
ifth
International
Confer
ence
on,
vol
,
v
ol.
109,
2014,
pp.
15–16.
[30]
B.
A.
T
ama
and
K.
H.
Rhee,
“
A
combination
of
pso-based
feature
selection
and
tree-based
classifiers
ensemble
for
intrusion
detection
systems,
”
in
Advances
in
Computer
Science
and
Ubiquitous
Computing
.
Springer
,
2015,
pp.
489–495.
[31]
A.
A.
Ab
uromman
and
M.
B.
I.
Reaz,
“
A
no
v
el
SVM-kNN-PSO
ense
mble
method
for
intrusion
detection
sys-
tem,
”
Applied
Soft
Computing
,
v
ol.
38,
pp.
360–372,
2016.
IJECE
V
ol.
6,
No.
5,
October
2016:
2432
–
2436
Evaluation Warning : The document was created with Spire.PDF for Python.