A cyber network attack detection based on GM Median Nearest Neighbors LDA

The continuous development in network technologies causes a considerable hike in number of attacks and intrusions. Identification of these threats has become a critical part of security. To fulfill this task, the Intrusion Detection Systems (IDS) were created. Unfortunately, these tools have curse o...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security 2019-09, Vol.86, p.63-74
Main Authors: Elkhadir, Zyad, Mohammed, Benattou
Format: Article
Language:English
Subjects:
Arithmetic
Communications traffic
Discriminant analysis
Feature extraction methods
Generalized mean
Intrusion detection systems
KDDcup99
Linear discriminant analysis
Mathematical analysis
Matrix methods
Median NN-LDA
Network anomaly detection
NSL-KDD
Outliers (statistics)
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The continuous development in network technologies causes a considerable hike in number of attacks and intrusions. Identification of these threats has become a critical part of security. To fulfill this task, the Intrusion Detection Systems (IDS) were created. Unfortunately, these tools have curse of dimensionality which tends to increase time complexity and decrease resource utilization. As a consequence, it is desirable that important features of network traffic must be analyzed. To obtain these features, previous work has employed a variant of Linear Discriminant Analysis (LDA) called Median Nearest Neighbors-LDA (Median NN-LDA). This approach finds the relevant features by working with network connections that are near to the median of every class. However, Median NN-LDA has an important drawback. It employs the class arithmetic mean vectors in the within and between scatter matrices formulation. As the arithmetic mean is sensitive to outliers, the approach will not produce optimal results. To deal with that, this paper introduces a new robust Median NN-LDA based on the generalized mean. Many experiments on KDDcup99 and NSL-KDD indicate the superiority of the approach over many LDA variants.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2019.05.021