A Bi-objective Hyper-heuristic Support Vector Machines for Big Data Cyber-Security

Abstract:

Cyber security in the context of big data is known to be a critical problem and presents a great challenge to the research community. Machine learning algorithms have been suggested as candidates for handling big data security problems. Among these algorithms, support vector machines (SVMs) have achieved remarkable success on various classification problems. However, to establish an effective SVM, the user needs to define the proper SVM configuration in advance, which is a challenging task that requires expert knowledge and a large amount of manual effort for trial and error. In this work, we formulate the SVM configuration process as a bi-objective optimisation problem in which accuracy and model complexity are considered as two conflicting objectives. We propose a novel hyper-heuristic framework for bi-objective optimisation that is independent of the problem domain. This is the first time that a hyper-heuristic has been developed for this problem. The proposed hyper-heuristic framework consists of a high-level strategy and low-level heuristics. The high-level strategy uses the search performance to control the selection of which low-level heuristic should be used to generate a new SVM configuration. The low-level heuristics each use different rules to effectively explore the SVM configuration search space. To address bi-objective optimisation, the proposed framework adaptively integrates the strengths of decomposition- and Pareto-based approaches to approximate the Pareto set of SVM configurations. The effectiveness of the proposed framework has been evaluated on two cyber security problems: Microsoft malware big data classification and anomaly intrusion detection. The obtained results demonstrate that the proposed framework is very effective, if not superior, compared with its counterparts and other algorithms.
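The selection loop and Pareto archive described in the abstract can be sketched as follows. This is an added illustration, not the paper's algorithm or code: it shows only the Pareto-archive side (no decomposition), and the heuristic names, the reward rule and the `evaluate` surrogate (a constructed stand-in for training an SVM and measuring error and complexity) are assumptions.

```python
import math
import random

KERNELS = ("linear", "rbf", "poly")

def evaluate(cfg):
    # Constructed surrogate, NOT a real SVM: returns (error, complexity), both minimised.
    kernel, log_c, log_gamma = cfg
    flex = {"linear": 0.0, "rbf": 1.0, "poly": 0.6}[kernel]
    capacity = max(flex * (1 + 0.2 * log_gamma) + 0.3 * log_c, 0.0)
    return (round(0.02 + 0.4 * math.exp(-capacity), 4), round(10 + 40 * capacity, 1))

def dominates(a, b):
    # a is no worse than b on every objective and strictly better on at least one
    return all(x <= y for x, y in zip(a, b)) and any(x < y for x, y in zip(a, b))

def update_archive(archive, cfg, obj):
    # Keep only mutually non-dominated configurations (the Pareto-set approximation).
    if any(o == obj or dominates(o, obj) for _, o in archive):
        return False
    archive[:] = [(c, o) for c, o in archive if not dominates(obj, o)]
    archive.append((cfg, obj))
    return True

def clamp(x):
    return max(-3.0, min(3.0, x))

# Low-level heuristics (hypothetical): each changes one part of the configuration.
def swap_kernel(cfg, rng):
    return (rng.choice([k for k in KERNELS if k != cfg[0]]), cfg[1], cfg[2])

def shift_c(cfg, rng):
    return (cfg[0], clamp(cfg[1] + rng.gauss(0, 1)), cfg[2])

def shift_gamma(cfg, rng):
    return (cfg[0], cfg[1], clamp(cfg[2] + rng.gauss(0, 1)))

def search(iterations=300, seed=7):
    rng = random.Random(seed)
    heuristics = [swap_kernel, shift_c, shift_gamma]
    score = {h.__name__: 1.0 for h in heuristics}
    start = ("linear", 0.0, 0.0)
    archive = [(start, evaluate(start))]
    for _ in range(iterations):
        # High-level strategy: pick a heuristic in proportion to its past success.
        h = rng.choices(heuristics, weights=[score[x.__name__] for x in heuristics])[0]
        child = h(rng.choice(archive)[0], rng)
        if update_archive(archive, child, evaluate(child)):
            score[h.__name__] += 1.0  # reward: the child entered the archive
    return archive, score
```

Replacing `evaluate` with a function that trains an SVM on held-out data and returns its measured error and complexity turns the sketch into a real configuration search; the archive and selection logic stay unchanged.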

Existing System:

This work presents a novel bi-objective hyper-heuristic framework for SVM configuration optimisation. Hyper-heuristics are more effective than other methods because they are independent of the particular task at hand and can often obtain highly competitive configurations. Our proposed hyper-heuristic framework integrates several key components that differentiate it from existing works to find an effective SVM configuration for big data cyber security. First, the framework considers a bi-objective formulation of the SVM configuration problem, in which the accuracy and model complexity are treated as two conflicting objectives. Second, the framework controls the selection of both the kernel type and kernel parameters as well as the soft margin parameter. Third, the hyper-heuristic framework combines the strengths of decomposition- and Pareto-based approaches in an adaptive manner to find an approximate Pareto set of SVM configurations.

Proposed System:

The performance of the proposed framework is validated and compared with that of state-of-the-art algorithms on two cyber security problems: Microsoft malware big data classification and anomaly intrusion detection. The empirical results fully demonstrate the effectiveness of the proposed framework on both problems.

Conclusion:

In this work, we proposed a hyper-heuristic SVM optimisation framework for big data cyber security problems. We formulated the SVM configuration process as a bi-objective optimisation problem in which accuracy and model complexity are treated as two conflicting objectives. This bi-objective optimisation problem can be solved using the proposed hyper-heuristic framework. The framework integrates the strengths of decomposition- and Pareto-based approaches to approximate the Pareto set of configurations. Our framework has been tested on two benchmark cyber security problem instances: Microsoft malware big data classification and anomaly intrusion detection. The experimental results demonstrate the effectiveness and potential of the proposed framework in achieving competitive, if not superior, results compared with other algorithms.
