ENHANCING NETWORK INTRUSION CLASSIFICATION THROUGH THE KOLMOGOROV-SMIRNOV SPLITTING CRITERION

Do Thanh Nghi, Lenca Philippe, Lallich Stéphane
Authors

  • Do Thanh Nghi Nhà xuất bản Khoa học Tự nhiên và Công nghệ
  • Lenca Philippe
  • Lallich Stéphane

DOI:

https://doi.org/10.15625/0866-708X/48/4/1167

Abstract

Our investigation aims at detecting network intrusions using decision tree algorithms. Large differences in prior class probabilities of intrusion data have been reported to hinder the performance of decision trees. We propose to replace the Shannon entropy used in tree induction algorithms with a Kolmogorov-Smirnov splitting criterion which locates a Bayes optimal cutpoint of attributes. The Kolmogorov-Smirnov distance, based on the cumulative distributions, is not degraded by class imbalance. Numerical test results on the KDDCup99 dataset showed that our proposals are attractive for network intrusion detection tasks. The single decision tree gives the best results for minority classes, cost metric and global accuracy compared with the bagged boosting of trees of the KDDCup’99 winner and classical decision tree algorithms using the Shannon entropy. In contrast to the complex model of the KDDCup winner, our decision tree represents inductive rules (IF-THEN) that facilitate human interpretation.
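A two-class illustration of the claim above that the Kolmogorov-Smirnov distance is unaffected by class imbalance while an entropy-based cutpoint is; this is an added example, not the authors' implementation. The attribute values, the 0/1 labels and all function names are constructed assumptions.

```python
import math

def _counts(values, labels, t):
    """Per-class counts of samples with value <= t: (normal, attack)."""
    left = [y for x, y in zip(values, labels) if x <= t]
    return left.count(0), left.count(1)

def ks_split(values, labels):
    """Cutpoint maximising |F_normal(t) - F_attack(t)| (two-class KS distance)."""
    n0, n1 = labels.count(0), labels.count(1)
    best = (0.0, None)
    for t in sorted(set(values))[:-1]:
        c0, c1 = _counts(values, labels, t)
        d = abs(c0 / n0 - c1 / n1)  # each CDF is normalised by its own class size
        if d > best[0]:
            best = (d, t)
    return best

def _entropy(c0, c1):
    n = c0 + c1
    return -sum(c / n * math.log2(c / n) for c in (c0, c1) if c)

def entropy_split(values, labels):
    """Cutpoint maximising Shannon information gain."""
    n0, n1 = labels.count(0), labels.count(1)
    n, best = n0 + n1, (0.0, None)
    for t in sorted(set(values))[:-1]:
        c0, c1 = _counts(values, labels, t)
        l, r = c0 + c1, n - c0 - c1
        gain = _entropy(n0, n1) - (l * _entropy(c0, c1) + r * _entropy(n0 - c0, n1 - c1)) / n
        if gain > best[0]:
            best = (gain, t)
    return best

# Constructed sample: one numeric attribute, 0 = normal, 1 = attack.
NORMAL, ATTACK = [1, 2, 3, 4, 5, 7], [6, 8, 9, 10]

def dataset(majority_copies):
    """Replicate the normal class to skew the prior without changing its distribution."""
    values = NORMAL * majority_copies + ATTACK
    return values, [0] * (len(NORMAL) * majority_copies) + [1] * len(ATTACK)

if __name__ == "__main__":
    for k in (1, 50):  # 6:4 and 300:4 normal-to-attack ratios
        v, y = dataset(k)
        print(k, ks_split(v, y), entropy_split(v, y))
```

With the normal class replicated 50 times, the KS cutpoint stays at 5 while the entropy cutpoint moves to 7, leaving the attack sample at value 6 on the normal-dominated side of the split.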

Published

26-06-2012

How to Cite

[1]
D. Thanh Nghi, L. Philippe, and L. Stéphane, “ENHANCING NETWORK INTRUSION CLASSIFICATION THROUGH THE KOLMOGOROV-SMIRNOV SPLITTING CRITERION”, Vietnam J. Sci. Technol., vol. 48, no. 4, Jun. 2012.
