Improving Accuracy of Dempster-Shafer Theory Based Anomaly Detection Systems

• Main Authors: Ling Zou, Liming Zheng, Xianghua Zeng
• Format: Article
• Language: English
• Published: IFSA Publishing, S.L. 2014-07-01
• Series: Sensors & Transducers
• Subjects: Anomaly detection system; Dempster-Shafer theory; Feature; Weight; Correlation.
• Online Access: http://www.sensorsportal.com/HTML/DIGEST/july_2014/Vol_175/P_2230.pdf
• ISSN: 2306-8515; 1726-5479

While the Dempster-Shafer theory of evidence has been widely used in anomaly detection, there are some issues with them. Dempster-Shafer theory of evidence trusts evidences equally which does not hold in distributed-sensor ADS. Moreover, evidences are dependent with each other sometimes which will lead to false alert. We propose improving by incorporating two algorithms. Features selection algorithm employs Gaussian Graphical Models to discover correlation between some candidate features. A group of suitable ADS were selected to detect and detection result were send to the fusion engine. Information gain is applied to set weight for every feature on Weights estimated algorithm. A weighted Dempster-Shafer theory of evidence combined the detection results to achieve a better accuracy. We evaluate our detection prototype through a set of experiments that were conducted with standard benchmark Wisconsin Breast Cancer Dataset and real Internet traffic. Evaluations on the Wisconsin Breast Cancer Dataset show that our prototype can find the correlation in nine features and improve the detection rate without affecting the false positive rate. Evaluations on Internet traffic show that Weights estimated algorithm can improve the detection performance significantly.