TAILIEUCHUNG - Enhancing network intrusion classification through the kolmogorov - smirnov splitting criterion

The single decision tree gives best results for minority classes, cost metric and global accuracy compared with the bagged boosting of trees of the KDDCup’99 winner and classical decision tree algorithms using the Shannon entropy. In contrast to the complex model of KDDCup winner, our decision tree represents inductive rules (IF-THEN) that facilitate human interpretation. | Journal of Science and Technology Volume 48, Issue 4, 2010 pp. 50-61 ENHANCING NETWORK INTRUSION CLASSIfiCATION THROUGH THE KOLMOGOROV-SMIRNOV SPLITTING CRITERION THANH-NGHI DO, PHILIPPE LENCA, AND STÉPHANE LALLICH ABSTRACT Our investigation aims at detecting network intrusions using decision tree algorithms. Large differences in prior class probabilities of intrusion data have been reported to hinder the performance of decision trees. We propose to replace the Shannon entropy used in tree induction algorithms with a Kolmogorov Smirnov splitting criterion which locates a Bayes optimal cutpoint of attributes. The Kolmogorov-Smirnov distance based on the cumulative distributions is not degraded by class imbalance. Numerical test results on the KDDCup99 dataset showed that our proposals are attractive to network intrusion detection tasks. The single decision tree gives best results for minority classes, cost metric and global accuracy compared with the bagged boosting of trees of the KDDCup’99 winner and classical decision tree algorithms using the Shannon entropy. In contrast to the complex model of KDDCup winner, our decision tree represents inductive rules (IF-THEN) that facilitate human interpretation. 1. INTRODUCTION Nowadays the increasing pervasiveness of communication between computer networks and the development of the internet transform the way people live, work and play. In addition, the number of intrusions into computer systems is also growing. Therefore, security of computer networks plays a strategic role in modern computer systems. Many rule-based systems use their rule sets to detect network intrusions. Unfortunately, due to the huge volume of network traffic, coding the rules by security experts becomes difficult and time-consuming. Since machine learning techniques can build intrusion detection models adaptively, this kind of network intrusion detection has significant advantages over rule-based ones. Over the last several years, a growing .

• Vật lý
• Journal of Science and Technology
• Enhancing network intrusion classification
• Tthe kolmogorov smirnov splitting criterion
• Facilitate human interpretation
• The KDDCup’99 winner
• Journal of Marine science and Technology
• Marine science and Technology
• Marine science and Technology no 56
• Marine science and Technology year 2018
• Evaluation method
• Electrical energy management model
• Marine science and Technology no 53
• Diesel engines
• Journal of Fisheries science and Technology
• Fisheries science and Technology
• Fisheries science and Technology no 3
• Fisheries science and Technology year 2016
• Striped catfish
• Common carp cyprinus carpio
• Fisheries science and Technology no 4
• Fisheries science and Technology year 2018
• Coastal fi shing activities
• White striped cleaner shrimp
• Journal of Science
• Journal of Technology
• Technology Management
• Science and Technology
• International integration
• Science and Technology Strategy
• Evaluation of science and technology
• Global journal of computer science
• Global journal of computer science and technology
• Information & technology
• GIS based fire emergency response system
• Marine science and technology no 61
• Actual GPS receivers
• Display information on stability
• Nuclear science and technology
• The journal of Nuclear science and technology
• Rotary rack served for elemental concentration
• Seawaterusing co precipitation method
• Natural radionuclides
• Experimental data
• Low energy experiments
• Multigroup cross sections
• Stable isotopic values
• Radial blanket
• Dissolved nitrogen compounds
• Irradiation channels
• Neutron rich nuclei
• Prescila neutron probe
• Full core conversion
• Multipurpose research reactor
• Aquatic environment
• Geochemical parameters
• External reactor vessel cooling method
• Radiation crosslinked scaffolds
• Adipose derived stem cell culture
• Treatment plans
• Minor actinide compositions
• IM NAA of non standard geometrical samples
• Cross shaped obstacle
• University entrepreneurship
• Entrepreneurial research university
• Technology innovation
• Industry university cooperation
• Regional innovation
• Journal of technology and science education
• Bring science and technology closer to secondary school
• Technology closer to secondary school
• Secondary school teachers
• Face to face
• Technology development
• Technology commercialization
• The role of informal science centers in science education
• Informal science center
• Attudes toward science
• Scientfic thinking skills
• Scientific research
• Research quality
• Strategy and policy
• Research Organizations
• Policy Planning
• Science and Technology development
• Theory Z
• Human Resources
• Development policy of Japan
• ‘Standards’ on the bench
• Technological literacy render an adequate image of technology
• Adequate image of technology
• Standards for technological literacy
• Philosophy of technology
• The nature of technology
• Concepts of technology
• Post secondary project based learning in science
• Post secondary project based learning in technology
• Post secondary project based learning in engineering and mathematics
• Post secondary project