Title
An Effective Two-Step Intrusion Detection Approach Based on Binary Classification and $k$-NN.
Abstract
Intrusion detection has been an important countermeasure to secure computing infrastructures from malicious attacks. To improve detection performance and reduce bias towards frequent attacks, this paper proposes a two-step hybrid method based on binary classification and $k$-NN technique. Step 1 employs several binary classifiers and one aggregation module to effectively detect the exact classes of network connections. After step 1, the connections whose classes are uncertain are sent to step 2 to further determine their classes by the $k$-NN algorithm. Step 2 is based on the outcomes of step 1 and yields a beneficial supplement to step 1. By combining the two steps, the proposed method achieves reliable results on the NSL-KDD data set. The effectiveness of the proposed method is evaluated in comparison with five supervised learning techniques. Experimental results demonstrate that the proposed method outperforms baselines with respect to various evaluation criteria. In particular, for U2R and R2L attacks, the F1-scores of the proposed method are much higher than those of baselines. Furthermore, comparisons with some recent hybrid approaches are also listed. The results illustrate that the proposed method is competitive.
Year: 2018
Venue: IEEE Access
Field: k-nearest neighbors algorithm, Data mining, Binary classification, Computer science, Support vector machine, Supervised learning, Feature extraction, Intrusion detection system, Genetic algorithm, Distributed computing, Binary number
DocType: Journal
Volume: 6
Citations: 0
PageRank: 0.34
References: 0
Authors: 5
Name
Order
Citations
PageRank
Long-jie Li1145.38
Yang Yu29455.24
Shenshen Bai322.44
Ying Hou4403.43
Xiao-yun Chen5153.42