Next Article in Journal
Restoration of Dimensions for Ancient Drawing Recognition
Previous Article in Journal
Deep Learning Methods for 3D Human Pose Estimation under Different Supervision Paradigms: A Survey
Article

Improvement of the Classification Performance of an Intrusion Detection Model for Rare and Unknown Attack Traffic

Department of Computer Engineering, Korea National Defence University, 1040, Hwangsanbeol-ro, Yangchon-myeon, Nonsan-si 32010, Chungcheongnam-do, Korea
*
Author to whom correspondence should be addressed.
Academic Editor: Arkaitz Zubiaga
Electronics 2021, 10(18), 2268; https://doi.org/10.3390/electronics10182268
Received: 24 August 2021 / Revised: 13 September 2021 / Accepted: 14 September 2021 / Published: 15 September 2021
(This article belongs to the Section Computer Science & Engineering)
How to deal with rare and unknown data in traffic classification has a decisive influence on classification performance. Rare data make it difficult to generate validation datasets to prevent overfitting, and unknown data interferes with learning and degrades the performance of the model. This paper presents a model generation method that accurately classifies rare data and new types of attacks, and does not result in overfitting. First, we use oversampling methods to solve the data imbalance caused by rare data. We separate the test dataset into a training dataset and a validation dataset. A model is created using separate training and validation datasets. Furthermore, the test dataset is used only for evaluating the performance capabilities of classification models, in order to make the test dataset independent of learning. We also use a softmax function that numerically indicates the probability that the model’s predictive results are accurate in detecting new, unknown attacks. Consequently, when applying the proposed method to the NSL_KDD dataset, the accuracy is 91.66%—an improvement of 6–16% compared to existing methods. View Full-Text
Keywords: intrusion detection; AI; GAN; softmax; validation; NSL_KDD intrusion detection; AI; GAN; softmax; validation; NSL_KDD
Show Figures

Graphical abstract

MDPI and ACS Style

Han, S.; Kim, Y.; Lee, S. Improvement of the Classification Performance of an Intrusion Detection Model for Rare and Unknown Attack Traffic. Electronics 2021, 10, 2268. https://doi.org/10.3390/electronics10182268

AMA Style

Han S, Kim Y, Lee S. Improvement of the Classification Performance of an Intrusion Detection Model for Rare and Unknown Attack Traffic. Electronics. 2021; 10(18):2268. https://doi.org/10.3390/electronics10182268

Chicago/Turabian Style

Han, Sangsoo, Youngwon Kim, and Soojin Lee. 2021. "Improvement of the Classification Performance of an Intrusion Detection Model for Rare and Unknown Attack Traffic" Electronics 10, no. 18: 2268. https://doi.org/10.3390/electronics10182268

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop