Intrusion Detection in Computer Networks Based on KNN, K-Means++ and J48

Faria, Mauricio Mendes; Monteiro, Ana Maria

doi:10.1007/978-3-030-01054-6_19

Mauricio Mendes Faria¹⁷ &
Ana Maria Monteiro¹⁷

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 868))

Included in the following conference series:

Proceedings of SAI Intelligent Systems Conference

1634 Accesses
2 Citations

Abstract

The diversification of web, desktop and mobile applications has made information security an issue in public and private organizations. Large amounts of data are generated by applications leading to many network requests that generate considerable volumes of traffic data that must be analyzed quickly and effectively to avoid unauthorized access. Analyzing these network data, it is possible to extract knowledge to detect if applications are experiencing instability on behalf of malicious users. Tools called IDS (Intrusion Detection System) are used to detect malicious accesses. An IDS can use different techniques to classify a network connection as intrusion or normal. This work analyses data mining algorithms that can be integrated into an IDS to detect intrusions. Experiments were conducted using the WEKA environment, the NSL-KDD dataset, the supervised algorithms KNN (K Nearest Neighbours) and J48, and the unsupervised algorithm K-means++.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
The WEKA (Waikato Environment for Knowledge Analysis) environment began to be written in 1993, using Java, at the University of Waikato in New Zealand, being acquired later by a company in late 2006. This environment aims to aggregate algorithms from different approaches area of artificial intelligence dedicated to the study of machine learning.

References

Arthur, D., Vassilvitskii, S.: k-means++: the advantages of careful seeding. In: SODA 2007 Proceedings of the Eighteenth Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 1027–1035 (2007)
Google Scholar
Bottou, L., Bengio, Y.: Convergence properties of the K-Means algorithms. In: Advances in Neural Information Processing Systems, vol. 7, pp. 585–592 (1995)
Google Scholar
Faria, M.M.: Detecção de Intrusões em Redes de Computadores com base nos Algoritmos KNN, K-Means++ e J48. Dissertação (Mestrado) - Curso de Ciência da Comuputação, Faculdade Campo Limpo Paulista, Campo Limpo Paulista, (2016). Cap. 5. http://www.cc.faccamp.br/Dissertacoes/MauricioMendesFaria.pdf. Accessed 01 Apr 2017
García-Teodoro, P., Díaz-Verdejo, J., Maciá-Fernández, G., Vázquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(2009), 18–28 (2009)
Article Google Scholar
Jones, A.K., Sielken, R.S.: Computer system intrusion detection: a survey. Technical report, Charlottesville: s.n (2000)
Google Scholar
Han, L., Kamber, M.: Data Mining Concepts And Techniques, 2nd edn. Morgan Kaufmann & Elsevier, São Francisco (2006)
MATH Google Scholar
Hart, P.E., Cover, T.M.: Nearest neighbor pattern classification. IEEE Trans. Inf. Theory 13, 21–27 (1967)
Google Scholar
Lincoln Laboratory Massachusets Institute of Technology, n.d. Cyber Systems and Technology. http://www.ll.mit.edu/ideval/data/. Accessed 27 July 2015
Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann Publisher, San Mateo (1993)
Google Scholar
Silva, L.M.O.d.: Uma Aplicação de Árvores de Decisão, Redes Neurais e Knn para a Identificação de Modelos Arma Não-Sazonais e Sazonais [dissertação]. Rio de Janeiro (RJ): Pontifícia Universidade Católica do Rio de Janeiro - Puc-Rio (2005)
Google Scholar
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 Second IEEE Symposium on Computational Intelligence for Security and Defence Applications, Ottawa, pp. 53–58 (2009)
Google Scholar

Download references

Acknowledgment

The authors are grateful to Faccamp Faculty (Faculty Campo Limpo Paulista) for supporting the development and publication of this work.

Author information

Authors and Affiliations

Faculty of Campo Limpo Paulista (FACCAMP), Rua Guatemala, 167, Campo Limpo Paulista, SP, 13231-230, Brazil
Mauricio Mendes Faria & Ana Maria Monteiro

Authors

Mauricio Mendes Faria
View author publications
You can also search for this author in PubMed Google Scholar
Ana Maria Monteiro
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mauricio Mendes Faria .

Editor information

Editors and Affiliations

Faculty of Science and Engineering, Saga University, Saga, Japan
Kohei Arai
The Science and Information (SAI) Organization, Bradford, UK
Supriya Kapoor
The Science and Information (SAI) Organization, Bradford, UK
Rahul Bhatia

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Faria, M.M., Monteiro, A.M. (2019). Intrusion Detection in Computer Networks Based on KNN, K-Means++ and J48. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Systems and Applications. IntelliSys 2018. Advances in Intelligent Systems and Computing, vol 868. Springer, Cham. https://doi.org/10.1007/978-3-030-01054-6_19

Download citation

DOI: https://doi.org/10.1007/978-3-030-01054-6_19
Published: 09 November 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01053-9
Online ISBN: 978-3-030-01054-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)

Publish with us

Policies and ethics