Back RSS stream

Publications of Jérôme Darmont

Reference (inproceedings)

D.M. Farid, H.H. Nguyen, J. Darmont, N. Harbi, M. Zahidur, "Scaling up Detection Rates and Reducing False Positives in Intrusion Detection using NBTree", International Conference on Data Mining and Knowledge Engineering (ICDMKE 10), Rome, Italy, April 2010; WASET.


In this paper, we present a new learning algorithm for anomaly based network intrusion detection using improved self adaptive naïve Bayesian tree (NBTree), which induces a hybrid of decision tree and naïve Bayesian classifier. The proposed approach scales up the balance detections for different attack types and keeps the false positives at acceptable level in intrusion detection. In complex and dynamic large intrusion detection dataset, the detection accuracy of naïve Bayesian classifier does not scale up as well as decision tree. It has been successfully tested in other problem domains that naïve Bayesian tree improves the classification rates in large dataset. In naïve Bayesian tree nodes contain and split as regular decision-trees, but the leaves contain naïve Bayesian classifiers. The experimental results on KDD99 benchmark network intrusion detection dataset demonstrate that this new approach scales up the detection rates for different attack types and reduces false positives in network intrusion detection.


Detection rates, false positives, network intrusion detection, naïve Bayesian tree


[ BibTeX | XML | Full paper | Back ]