ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술대회 Analysis of Intrusion Detection Performance by Smoothing Factor of Gaussian NB Model Using Modified NSL-KDD Dataset
Cited 2 time in scopus Download 0 time Share share facebook twitter linkedin kakaostory
저자
봉기정, 김종현
발행일
202210
출처
International Conference on Information and Communication Technology Convergence (ICTC) 2022, pp.1471-1476
DOI
https://dx.doi.org/10.1109/ICTC55196.2022.9952381
협약과제
22HR5600, 상시적 보안품질 보장을 위한 6G 자율보안 내재화 기반기술 연구, 김종현
초록
Recently, research on AI-based network intrusion detection has been actively conducted. In previous studies, the machine learning models such as SVM (Support Vector Machine) and RF (Random Forest) showed consistently high performance, whereas the NB (Na챦ve Bayes) showed various performances with large deviations. In the paper, after analyzing the cause of the NB models showing various performances addressed in the several studies, we measured the performance of the Gaussian NB model according to the smoothing factor that is closely related to these causes. Furthermore, we compared the performance of the Gaussian NB model with that of the other models as a zero-day attack detection system. As a result of the experiment, the accuracy was 38.80% and 87.99% in case that the smoothing factor is 0 and default respectively, and the highest accuracy was 94.53% in case that the smoothing factor is 1e-01. In the experiment, we used only some types of the attack data in the NSL-KDD dataset. The experiments showed the applicability of the Gaussian NB model as a zero-day attack detection system in the future. In addition, it is clarified that the smoothing factor of the Gaussian NB model determines the shape of gaussian distribution that is related to the likelihood.
KSP 제안 키워드
Attack Detection, Gaussian Distribution, High performance, Intrusion detection system(IDS), Large deviations, NSL-KDD dataset, Network Intrusion Detection, Random forest, Smoothing factor, Support VectorMachine(SVM), Zero-day attack