A K-Means and Naive Bayes learning approach for better intrusion detection.

Muda, Zaiton and Yassin, Warusia and Sulaiman, Md. Nasir and Udzir, Nur Izura (2011) A K-Means and Naive Bayes learning approach for better intrusion detection. Information Technology Journal, 10 (3). pp. 648-655. ISSN 1812-5638

Full text not available from this repository.

Abstract

Intrusion Detection Systems (IDS) have become an important building block of any sound defense network infrastructure. Malicious attacks have brought more adverse impacts on networks than before, increasing the need for an effective approach to detect and identify such attacks. In this study, two learning approaches, K-Means Clustering and the Naïve Bayes classifier (KMNB), are used to perform intrusion detection. In the first stage, K-Means is used to identify groups of samples that behave similarly and dissimilarly, such as malicious and non-malicious activity, while Naïve Bayes is used in the second stage to classify all data into the correct class category. Experiments were performed with the KDD Cup '99 data sets. The experimental results show that KMNB significantly improved and increased the accuracy, detection rate and false alarm of a single Naïve Bayes classifier up to 99.6, 99.8 and 0.5%.

Item Type: Article
Keyword: Intrusion detection system; K-Means clustering; Naive Bayes classifier; Accuracy; Detection rate; False alarm
Subject: Computer networks-Security measures.
Subject: Electronic countermeasures.
Subject: Security systems.
Faculty or Institute: Faculty of Computer Science and Information Technology
DOI Number: 10.3923/itj.2011.648.655
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.3923/itj.2011.648.655
ID Code: 12710
Deposited By: Umikalthom Abdullah
Deposited On: 29 Nov 2011 07:24
Last Modified: 29 Nov 2011 07:24


Universiti Putra Malaysia Institutional Repository

Universiti Putra Malaysia Institutional Repository is an on-line digital archive that serves as a central collection and storage of scientific information and research at the Universiti Putra Malaysia.

Currently, the collections deposited in the IR consist of Master and PhD theses, Master and PhD Project Reports, Journal Articles, Journal Bulletins, Conference Papers, UPM News, Newspaper Cuttings, Patents and Inaugural Lectures.

As the policy of the university does not permit users to view theses in full text, access is given to the first 24 pages only.