Combining Fuzzy C-Means and KNN Algorithms in Performance Improvement of Intrusion Detection System
Author: | P. Ravi Kiran Varma, B. Sujata |
---|---|
Year of publication: | 2017 |
Subject: | business.industry; Computer science; False positives and false negatives; 020206 networking & telecommunications; Pattern recognition; 02 engineering and technology; Intrusion detection system; Misuse detection; Fuzzy logic; k-nearest neighbors algorithm; ComputingMethodologies_PATTERNRECOGNITION; 0202 electrical engineering electronic engineering information engineering; False positive paradox; 020201 artificial intelligence & image processing; Anomaly detection; Artificial intelligence; Cluster analysis; business |
Source: | Proceedings of International Conference on Computational Intelligence and Data Engineering ISBN: 9789811063183 |
DOI: | 10.1007/978-981-10-6319-0_30 |
Description: | One of the major issues in Intrusion Detection Systems (IDS) is misclassification, which leads to either false positives or false negatives. From the literature, it was found that among the various categories of IDS datasets, User-to-Root (U2R) attacks and Remote-to-Local (R2L) attacks are the most misclassified categories. Abnormal samples are identified with high accuracy by anomaly detection and normal samples are identified better by misuse detection methods. To reduce the false positives and false negatives, a hybrid two-phase mixture of anomaly and misuse detection is proposed with the assistance of various machine-learning techniques. In the first phase, unsupervised fuzzy C-means clustering (FCM) is used to cluster normal and anomalous data samples. In the second phase, two elements of K nearest neighbor (KNN) are used: one for checking normal samples and another for checking abnormal samples. The proposed systems are evaluated using the KDD 1999 IDS dataset, compared with similar works, and found to be beneficial. |
Database: | OpenAIRE |
External link: |