Browse > Article
http://dx.doi.org/10.3745/KTSDE.2018.7.3.99

Comparison of Performance Between Incremental and Batch Learning Method for Information Analysis of Cyber Surveillance and Reconnaissance  

Shin, Gyeong-Il (세종대학교 컴퓨터공학과)
Yooun, Hosang (국방과학연구소)
Shin, DongIl (세종대학교 컴퓨터공학과)
Shin, DongKyoo (세종대학교 컴퓨터공학과)
Publication Information
KIPS Transactions on Software and Data Engineering / v.7, no.3, 2018 , pp. 99-106 More about this Journal
Abstract
In the process of acquiring information through the cyber ISR (Intelligence Surveillance Reconnaissance) and research into the agent to help decision-making, periodic communication between the C&C (Command and Control) server and the agent may not be possible. In this case, we have studied how to effectively surveillance and reconnaissance. Due to the network configuration, agents planted on infiltrated computers can not communicate seamlessly with C&C servers. In this case, the agent continues to collect data continuously, and in order to analyze the collected data within a short time in When communication is possible with the C&C server, it can utilize limited resources and time to continue its mission without being discovered. This research shows the superiority of incremental learning method over batch method through experiments. At an experiment with the restricted memory of 500 mega bytes, incremental learning method shows 10 times decrease in learning time. But at an experiment with the reuse of incorrectly classified data, the required time for relearn takes twice more.
Keywords
Cyber ISR; Incremental Learning Method; Batch Learning Method; AdaBoost;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Matthew M. Hurley, "For and from cyberspace: Conceptualizing cyber intelligence, surveillance, and reconnaissance," Air & Space Power Journal, Vol.26, No.6, pp.12-33, 2012.
2 Hey-Jung Baek and Young-Tack Park, "The Study on Improvement of Cohesion of Clustering in Incremental Concept Learning," The KIPS Transactions: Part B, Vol.10, No.3, pp.297-304, 2003.
3 P. Fuangkhon and T. Tanprasert, "An incremental learning algorithm for supervised neural network with contour preserving classification," Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology, 2009. ECTI-CON 2009. 6th International Conference on, Vol.2, pp.740-743, 2009.
4 W., Hu, W., Hu, and S. Maybank, "Adaboost-based algorithm for network intrusion detection," IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics), Vol.38, No.2, pp.577-583, 2008.   DOI
5 T. G. Dietterich, "Ensemble methods in machine learning," Multiple Classifier Systems, Vol.1857 pp.1-15, 2000.
6 A. Bifet, G. Holmes, R. Kirkby, and B. Pfahringer, "Moa: Massive online analysis," Journal of Machine Learning Research, Vol.11, pp.1601-1604, 2010.
7 R. R. Ade and P. R. Deshmukh, "Methods for incremental learning: a survey," International Journal of Data Mining & Knowledge Management Process, Vol.3, No.4, pp.119-125, 2013.   DOI
8 G. I. Shin, D. I. Shin, D. K. Shin, and H. S. Yooun, "An Comparative Research of the Detection Rate of Intrusion Detection System Algorithms," in Proceedings of the Korea Information Processing Society Review 2017 Spring Conference, Vol.24, No.1, pp.223-226, 2017.
9 H. J. Ji, D. K. Shin, D. I. Shin, Y. H. Kim, and D. H. Kim, "A Study on comparison of KDD CUP 99 and NSL-KDD using artificial neural network," in Proceedings of the Korea Information Processing Society Review 2017 Spring Conference, Vol.24, No.1, pp.211-213, 2017.
10 M. A. M. Hasan, M. Nasser, B. Pal, and S. Ahmad, "Support vector machine and random forest modeling for intrusion detection system (IDS)," Journal of Intelligent Learning Systems and Applications, Vol.6, No.1, pp.45-52, 2014.
11 M. E. Aminanto and K. Kim, "Deep learning-based feature selection for intrusion detection system in transport layer," in Proceedings of the Korea Institutes of Information Security and Cryptology Conference 2016 Summer, Vol.26, No.1, pp.740-743, 2016.
12 Y. Freund, and R. E. Schapire, "Experiments with a new boosting algorithm," Icml, Vol.96, pp.148-156, 1996.
13 A. A. Olusola, A. S. Oladele, and D. O. Abosede, "Analysis of KDD'99 intrusion detection dataset for selection of relevance features," Proceedings of the World Congress on Engineering and Computer Science, Vol.1, pp.20-22, 2010.
14 H. G. Kayacik, A. N. Zincir-Heywood, and M. I. Heywood, "Selecting features for intrusion detection: A feature relevance analysis on KDD 99 intrusion detection datasets," in Proceedings of the Third Annual Conference on Privacy, Security and Trust, 2005.