Naive Bayes modification for intrusion detection system classification with zero probability

One of the methods used in detecting the intrusion detection system is by implementing Naïve Bayes algorithm. However, Naïve Bayes has a problem when one of the probabilities is 0, it will cause inaccurate prediction, or even no prediction was found. This paper proposed two modifications for Naïve Bayes algorithm. The first modification eliminated the variable that has 0 probability and the second modification changed the multiplication operations to addition operations. This modification is only applied when the Naïve Bayes algorithm does not find any prediction results caused by zero probabilities. The results of this research show that the value of precision, recall, and accuracy in the modification made tends to increase and better than the original Naïve Bayes algorithm. The highest precision, recall, and accuracy are obtained from modification by changing the multiplication operation to the addition. Increasing precision can reach 4%, increasing recall reaches 2% and increasing accuracy reaches 2%.

Download Full-text

Intelligent Intrusion Detection System using Supervised Learning

Proceedings of Intelligent Computing and Technologies Conference ◽

10.21467/proceedings.115.3 ◽

2021 ◽

Author(s):

Sandipan Roy ◽

Apurbo Mandal ◽

Debraj Dey

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Naive Bayes ◽

Detection System ◽

Classification Problem ◽

Naïve Bayes ◽

Support Vector ◽

Detection Systems ◽

Malicious Activity ◽

Bayes Algorithm

Going digital involves networking with so many connected devices, so network security becomes a critical task for everyone. But an intrusion detection system can help us to detect malicious activity in a system or network. But generally, intrusion detection systems (IDS) are not reliable and sustainable also they require more resources. In recent years so many machine learning methods are proposed to give higher accuracy with minimal false alerts. But analyzing those huge traffic data is still challenging. So, in this article, we proposed a technique using the Support Vector Machine & Naive Bayes algorithm, by using this we can solve the classification problem of the intrusion detection system. For evaluating our proposed method, we use NSL-KDD and UNSW-NB15 dataset. And after getting the result we see that the SVM works better than the Naive Bayes algorithm on that dataset.

Download Full-text

Klasifikasi Anomali Intrusion Detection System (IDS) Menggunakan Algoritma Naïve Bayes Classifier dan Correlation-Based Feature Selection

Jurnal Teknologi Sistem Informasi dan Aplikasi ◽

10.32493/jtsi.v2i4.3453 ◽

2019 ◽

Vol 2 (4) ◽

pp. 135

Author(s):

Saipul Anwar ◽

Fajar Septian ◽

Ristasari Dwi Septiana

Keyword(s):

Feature Selection ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Naive Bayes ◽

Detection System ◽

Naïve Bayes ◽

Attribute Selection ◽

Correlation Technique ◽

Correlation Based Feature Selection ◽

Bayes Algorithm

Intrusion Detection System (IDS) is useful for detecting an attack or disturbance on a network or information system. Anomaly detection is a type of IDS that can detect a deviate attack on the network based on statistical probability. The increasing use of the internet also increases interference or attacks from intruders or crackers that exploit weak internet protocols and application software. When many data packets arrive, a problem arises that needs to be analyzed. The right technique to analyze the data package is data mining. This study aims to classify IDS anomalies using the Naïve Bayes classification algorithm from the results of attribute selection with correlation-based feature selection. This study uses a UNSW-NB15 intrusion detection system data collection consisting of 49 attributes and 321,283 data records. Performance measurements are based on accuracy, precision, F-Measure and ROC Area. The results of attribute selection with correlation-based feature selection leave 4 attributes. The results of the evaluation of IDS anomaly classification using the naïve Bayes algorithm without the precedence of the attributes selected by the correlation technique obtained an accuracy rate of 71.2%. While the classification results if preceded by the attributes selected by the correlation technique obtained an accuracy of 74.8%. Classification with the naïve Bayes algorithm can be improved its accuracy which is preceded by the selection of attributes with correlation techniques.

Download Full-text