TY - JOUR
T1 - Assessing centroid-based classification models for intrusion detection system using composite indicators
AU - Setiawan, Bambang
AU - Djanali, Supeno
AU - Ahmad, Tohari
AU - Nasrul Aziz, M.
N1 - Publisher Copyright:
© 2019 The Authors.
PY - 2019
Y1 - 2019
N2 - Detecting intrusion in network traffic is one of the computer security problems that has received a lot of attention for years. Various intrusion detection models were developed by machine learning and data mining. Commonly, confusion matrix-based performance measures are used to compare the performance of several models. But sometimes we need to combine those measure or combine it with performance measures outside the confusion matrix. In this study, we propose two composite indicator indexes (CPI) which built based on composite indicators and weighted linear aggregation methods to evaluate the model's performance. The first CPI is a combination of accuracy, robustness, completeness, and speed. We use it to rank the performance of the three centroid-based classifications models (CANN, L-SCANN, CASMN) on NSL-KDD dataset. While the second is a combination of overall class accuracy and accuracy of each class, we use to compare the models with the other IDS models.
AB - Detecting intrusion in network traffic is one of the computer security problems that has received a lot of attention for years. Various intrusion detection models were developed by machine learning and data mining. Commonly, confusion matrix-based performance measures are used to compare the performance of several models. But sometimes we need to combine those measure or combine it with performance measures outside the confusion matrix. In this study, we propose two composite indicator indexes (CPI) which built based on composite indicators and weighted linear aggregation methods to evaluate the model's performance. The first CPI is a combination of accuracy, robustness, completeness, and speed. We use it to rank the performance of the three centroid-based classifications models (CANN, L-SCANN, CASMN) on NSL-KDD dataset. While the second is a combination of overall class accuracy and accuracy of each class, we use to compare the models with the other IDS models.
KW - Centroid-based classification
KW - Composite indicators
KW - Intrusion detection system
UR - http://www.scopus.com/inward/record.url?scp=85078937436&partnerID=8YFLogxK
U2 - 10.1016/j.procs.2019.11.170
DO - 10.1016/j.procs.2019.11.170
M3 - Conference article
AN - SCOPUS:85078937436
SN - 1877-0509
VL - 161
SP - 665
EP - 676
JO - Procedia Computer Science
JF - Procedia Computer Science
T2 - 5th Information Systems International Conference, ISICO 2019
Y2 - 23 July 2019 through 24 July 2019
ER -