Botes, FHLeenen, LouiseDe La Harpe, R2017-08-222017-08-222017-06Botes, F.H., Leenen, L. and De La Harpe, R. 2017. Ant colony induced decision trees for intrusion detection. Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS 2017), Dublin, Ireland, 29 - 30 June 2017978-1-911218-43-2http://hdl.handle.net/10204/9464Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS 2017), Dublin, Ireland, 29 - 30 June 2017In the ashes of Moore’s Law, companies have to acclimatise to the vast increase of data flowing through their networks. Reports on information breaches and hackers claiming ransom for company data are rampant. We live in a world where data requirements have become dynamic, where things are constantly changing. The field of intrusion detection however have not changed much, traditional detection methods are still the norm for commercial products promoting a rigid, manual and static detection platform. Intrusion Detection Systems (IDS) analyse network traffic to identify suspicious patterns with the intention to compromise the system. Practitioners train classifiers to classify the data within different categories e.g. malicious or normal network traffic. Machine learning has great potential when applied in the intrusion detection domain: decision trees (DT), random forests (RF) and ant colony optimization (ACO) are all popular research topics. This paper focuses on the recent advances within machine learning, specifically the Ant Tree Miner (ATM) classifier. The ATM classifier proposed by Otero, Freitas & Johnson (2012) builds decision trees using ant colony optimization instead of traditional C4.5 or CART techniques. Our experimental process ensures reliability, comparability and reproducibility, which are lacking in some previous research within the field. This approach is intended to improve on previous studies combining both domains. The ATM classifier has not been tested in the intrusion detection domain.enAnt Tree MinerAnt Colony OptimizationDecision TreesIntrusion detectionSwarm IntelligenceConference PresentationBotes, F., Leenen, L., & De La Harpe, R. (2017). Ant colony induced decision trees for intrusion detection. Academic Publishing. http://hdl.handle.net/10204/9464Botes, FH, Louise Leenen, and R De La Harpe. "Ant colony induced decision trees for intrusion detection." (2017): http://hdl.handle.net/10204/9464Botes F, Leenen L, De La Harpe R, Ant colony induced decision trees for intrusion detection; Academic Publishing; 2017. http://hdl.handle.net/10204/9464 .TY - Conference Presentation AU - Botes, FH AU - Leenen, Louise AU - De La Harpe, R AB - In the ashes of Moore’s Law, companies have to acclimatise to the vast increase of data flowing through their networks. Reports on information breaches and hackers claiming ransom for company data are rampant. We live in a world where data requirements have become dynamic, where things are constantly changing. The field of intrusion detection however have not changed much, traditional detection methods are still the norm for commercial products promoting a rigid, manual and static detection platform. Intrusion Detection Systems (IDS) analyse network traffic to identify suspicious patterns with the intention to compromise the system. Practitioners train classifiers to classify the data within different categories e.g. malicious or normal network traffic. Machine learning has great potential when applied in the intrusion detection domain: decision trees (DT), random forests (RF) and ant colony optimization (ACO) are all popular research topics. This paper focuses on the recent advances within machine learning, specifically the Ant Tree Miner (ATM) classifier. The ATM classifier proposed by Otero, Freitas & Johnson (2012) builds decision trees using ant colony optimization instead of traditional C4.5 or CART techniques. Our experimental process ensures reliability, comparability and reproducibility, which are lacking in some previous research within the field. This approach is intended to improve on previous studies combining both domains. The ATM classifier has not been tested in the intrusion detection domain. DA - 2017-06 DB - ResearchSpace DP - CSIR KW - Ant Tree Miner KW - Ant Colony Optimization KW - Decision Trees KW - Intrusion detection KW - Swarm Intelligence LK - https://researchspace.csir.co.za PY - 2017 SM - 978-1-911218-43-2 T1 - Ant colony induced decision trees for intrusion detection TI - Ant colony induced decision trees for intrusion detection UR - http://hdl.handle.net/10204/9464 ER -