{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T01:27:19Z","timestamp":1752283639294,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":17,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789813349216"},{"type":"electronic","value":"9789813349223"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,1,19]],"date-time":"2021-01-19T00:00:00Z","timestamp":1611014400000},"content-version":"vor","delay-in-days":384,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Computer network is playing a significantly important role in our society, including commerce, communication, consumption and entertainment. Therefore, network security has become increasingly important. Intrusion detection systems have received considerable attention, which not only can detect known attacks or intrusions, but also can detect unknown attacks. Among the various methods applied to intrusion detection, logistic regression is the most widely used, which can achieve good performances and have good interpretability at the same time. However, intrusion detection systems usually confront with data of large scale and high dimension. How to reduce the dimension and improve the data quality is significant to improve the detection performances. Therefore, in this paper, we propose an effective intrusion detection model based on pls-logistic regression with feature augmentation. More specifically, the feature augmentation technique is implemented on the original features with goal of obtaining high-qualified training data; and then, pls-logistic regression is applied on the newly transformed data to perform dimension reduction and detection model building. The NSL-KDD dataset is used to evaluate the proposed method, and the empirical results show that our proposed method can achieve good performances in terms of accuracy, detection rate and false alarm rate.<\/jats:p>","DOI":"10.1007\/978-981-33-4922-3_10","type":"book-chapter","created":{"date-parts":[[2021,1,18]],"date-time":"2021-01-18T11:21:04Z","timestamp":1610968864000},"page":"133-140","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["An Effective Intrusion Detection Model Based on Pls-Logistic Regression with Feature Augmentation"],"prefix":"10.1007","author":[{"given":"Jie","family":"Gu","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,1,19]]},"reference":[{"issue":"11","key":"10_CR1","doi-asserted-by":"publisher","first-page":"8938","DOI":"10.1007\/s11227-020-03196-z","volume":"76","author":"G Kumar","year":"2020","unstructured":"Kumar, G., Thakur, K., Ayyagari, M.R.: MLEsIDSs: machine learning-based ensembles for intrusion detection systems\u2014a review. J. Supercomput. 76(11), 8938\u20138971 (2020). https:\/\/doi.org\/10.1007\/s11227-020-03196-z","journal-title":"J. Supercomput."},{"key":"10_CR2","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.neucom.2016.03.031","volume":"199","author":"SMH Bamakan","year":"2016","unstructured":"Bamakan, S.M.H., Wang, H., Yingjie, T., Shi, Y.: An effective intrusion detection framework based on MCLP\/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199, 90\u2013102 (2016)","journal-title":"Neurocomputing"},{"key":"10_CR3","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1016\/j.jnca.2018.12.006","volume":"128","author":"N Moustafa","year":"2019","unstructured":"Moustafa, N., Hu, J., Slay, J.: A holistic review of network anomaly detection systems: a comprehensive survey. J. Netw. Comput. Appl. 128, 33\u201355 (2019)","journal-title":"J. Netw. Comput. Appl."},{"issue":"10","key":"10_CR4","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"CF Tsai","year":"2009","unstructured":"Tsai, C.F., Hsu, Y.F., Lin, C.Y., Lin, W.Y.: Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10), 11994\u201312000 (2009)","journal-title":"Expert Syst. Appl."},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy, pp. 305\u2013316 (2010)","DOI":"10.1109\/SP.2010.25"},{"issue":"8","key":"10_CR6","doi-asserted-by":"publisher","first-page":"662","DOI":"10.1016\/j.cose.2005.05.003","volume":"24","author":"Y Wang","year":"2005","unstructured":"Wang, Y.: A multinomial logistic regression modeling approach for anomaly intrusion detection. Comput. Secur. 24(8), 662\u2013674 (2005)","journal-title":"Comput. Secur."},{"issue":"10","key":"10_CR7","doi-asserted-by":"publisher","first-page":"7162","DOI":"10.1016\/j.eswa.2010.04.017","volume":"37","author":"MS Mok","year":"2005","unstructured":"Mok, M.S., Sohn, S.Y., Ju, Y.H.: Random effects logistic regression model for anomaly detection. Expert Syst. Appl. 37(10), 7162\u20137166 (2005)","journal-title":"Expert Syst. Appl."},{"issue":"4","key":"10_CR8","doi-asserted-by":"publisher","first-page":"998","DOI":"10.1007\/s10922-014-9335-3","volume":"23","author":"SY Ji","year":"2015","unstructured":"Ji, S.Y., Choi, S., Jeong, D.H.: Designing an internet traffic predictive model by applying a signal processing method. J. Netw. Syst. Manag. 23(4), 998\u20131015 (2015)","journal-title":"J. Netw. Syst. Manag."},{"key":"10_CR9","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1016\/j.cose.2016.11.004","volume":"65","author":"AA Aburomman","year":"2017","unstructured":"Aburomman, A.A., Reaz, M.B.I.: A survey of intrusion detection systems based on ensemble and hybrid classifiers. Comput. Secur. 65, 135\u2013152 (2017)","journal-title":"Comput. Secur."},{"issue":"513","key":"10_CR10","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1080\/01621459.2015.1005212","volume":"111","author":"J Fan","year":"2016","unstructured":"Fan, J., Feng, Y., Jiang, J., Tong, X.: Feature augmentation via nonparametrics and selection (FANS) in high-dimensional classification. J. Am. Stat. Assoc. 111(513), 275\u2013287 (2016)","journal-title":"J. Am. Stat. Assoc."},{"issue":"1","key":"10_CR11","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1016\/j.csda.2004.02.005","volume":"48","author":"P Bastien","year":"2005","unstructured":"Bastien, P., Vinzi, V.E., Tenenhaus, M.: Pls generalised linear regression. Comput. Stat. Data Anal. 48(1), 17\u201346 (2005)","journal-title":"Comput. Stat. Data Anal."},{"key":"10_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1007\/978-3-540-45248-5_13","volume-title":"Recent Advances in Intrusion Detection","author":"MV Mahoney","year":"2003","unstructured":"Mahoney, M.V., Chan, P.K.: An analysis of the 1999 DARPA\/lincoln laboratory evaluation data for network anomaly detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 220\u2013237. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45248-5_13"},{"key":"10_CR13","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.neucom.2016.03.031","volume":"199","author":"SMH Bamakan","year":"2016","unstructured":"Bamakan, S.M.H., Wang, H., Yingjie, T., Shi, Y.: An effective intrusion detection framework based on MCLP\/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199, 90\u2013102 (2016)","journal-title":"Neurocomputing"},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the 2009 IEEE Symposium on Computational Intelligence in Security and Defense Applications, pp. 1\u20136. IEEE (2009)","DOI":"10.1109\/CISDA.2009.5356528"},{"issue":"3","key":"10_CR15","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/1380422.1380425","volume":"3","author":"Z Yu","year":"2008","unstructured":"Yu, Z., Tsai, J.J., Weigert, T.: An adaptive automatically tuning intrusion detection system. ACM Trans. Auton. Adapt. Syst. 3(3), 10 (2008)","journal-title":"ACM Trans. Auton. Adapt. Syst."},{"issue":"12","key":"10_CR16","doi-asserted-by":"publisher","first-page":"1576","DOI":"10.1016\/j.jpdc.2012.09.004","volume":"72","author":"D Ippoliti","year":"2012","unstructured":"Ippoliti, D., Zhou, X.: A-GHSOM: an adaptive growing hierarchical self-organizing map for network anomaly detection. J. Parallel Distrib. Comput. 72(12), 1576\u20131590 (2012)","journal-title":"J. Parallel Distrib. Comput."},{"key":"10_CR17","doi-asserted-by":"crossref","unstructured":"Panda, M., Abraham, A., Patra, M.R.: Discriminative multinomial naive bayes for network intrusion detection. In: Proceedings of 2010 Sixth International Conference on Information Assurance and Security, pp. 5\u201310. IEEE (2010)","DOI":"10.1109\/ISIAS.2010.5604193"}],"container-title":["Communications in Computer and Information Science","Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-33-4922-3_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,18]],"date-time":"2021-01-18T11:36:43Z","timestamp":1610969803000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-33-4922-3_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9789813349216","9789813349223"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-981-33-4922-3_10","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"19 January 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CNCERT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China Cyber Security Annual Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beijing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 August 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 August 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cncert2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.cert.org.cn","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}