Journal: Journal of Theoretical and Applied Information Technology
Print ISSN: 1992-8645
Electronic ISSN: 1817-3195
Publication year: 2014
Volume: 65
Issue: 3
Publisher: Journal of Theoretical and Applied
Abstract: In anomaly intrusion detection systems, machine learning algorithms such as KNN, SOM, and SVM, which are designed to work with numeric data, are widely used to construct a model of normal system activity. Consequently, symbolic data (e.g., TCP, SMTP, FTP, OTH) need to be converted into numeric data before being analyzed. Previous works proposed different methods for handling symbolic data, for example excluding symbolic data, arbitrary assignment, and indicator variables. However, these methods may entail a very difficult classification problem, especially an increase in the dimensionality of the data, which directly affects the computational complexity of the machine learning algorithm. Thus, this paper proposes a new symbolic conversion method that overcomes the limitations of previous works by replacing the symbolic data with their risk values, obtained from knowledge-based extraction. The experiments affirmed that the proposed method was more effective in improving classifier performance than the previous works, and that it did not increase the dimensionality of the data.