A Partial Approach to Intrusion Detection

Sheppard, John (2021) A Partial Approach to Intrusion Detection. In: 11th EAI International Conference, ICDF2C 2020, Proceedings :. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST . Springer Science and Business Media Deutschland GmbH, USA, pp. 78-97. ISBN 9783030687335

Full text not available from this repository. (Request a copy)

Abstract

The need for intrusion detection continues to grow with the advancement of new and emerging devices, the increase in the vectors of attack these bring, and their computational limitations. This work examines the suitability of a traditional data mining approach often overlooked in intrusion detection, partial decision trees, on the recent CICIDS 2017 dataset. The approach was evaluated against recent deep learning results and shows that the partial decision tree outperformed these deep learning techniques for the detection of DDoS and Portscan attacks. Further analysis of the complete dataset has been performed using this partial technique. The creation of a reduced feature version of the dataset is proposed using PCA and is evaluated using a partial decision tree. It shows that a ten feature version of the dataset can produce a detection rate of 99.4% across the twelve classes, with a 77% reduction in training time.

Item Type:	Book Section
Additional Information:	Publisher Copyright: © 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
Uncontrolled Keywords:	/dk/atira/pure/subjectarea/asjc/1700/1705
Departments or Groups:
Depositing User:	Admin SSL
Date Deposited:	19 Oct 2022 23:15
Last Modified:	07 Jun 2023 18:38
URI:	http://repository-testing.wit.ie/id/eprint/4876

Actions (login required)

View Item