Effects of feature transformation and selection on classification of network traffic activities
As new technologies are emerging day by day, network, regardless of the Internet or Intranet within a corporation often plays a crucial role in connecting people from all around the world. From military use to achieving business goals and household need, data security often get attention from comput...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2015
|
| Online Access: | https://eprints.ums.edu.my/id/eprint/12079/1/mt0000000677.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-ums-ep.12079 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-ums-ep.120792017-11-07T07:31:19Z Effects of feature transformation and selection on classification of network traffic activities 2015 Lim, Wen Ying As new technologies are emerging day by day, network, regardless of the Internet or Intranet within a corporation often plays a crucial role in connecting people from all around the world. From military use to achieving business goals and household need, data security often get attention from computer scientists. Traditional security measures that include the installation of firewall and antivirus software are commonly utilised to prevent intrusion. However, such types of defence are merely sufficient to secure a network and data travelling across it. Thus, second lines of defence like Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) are introduced to overcome the inadequacy of traditional security measures. Generally, IDS uses two approaches, the Anomaly Detection (A-IDS) and the Misuse Detection in order to identify patterns of intrusion. A-IDS often perform comparison of the model of normal and anomalous model. Depending on the ability to measure similarity or distance between a target and a known type, comparison is made to determine whether to establish a new target anomalous or not. This research aims to investigate the effects of feature transformation on the classification of network activities; the focus is to represent the data into point series form to permit the application of Time Series Classification (TSC). The TSC technique used is k-Nearest Neighbour (KNN) coupled with Dynamic Time Warping. Effects of using different similarity measures, Euclidean Distance (ED) and Cosine similarity algorithm are also investigated. Experiments conducted involve conversion of the categorical data by three different conversion techniques to generate point series data – simple, probability and entropy conversion. Comparison between different classifiers is also conducted. The performance of the classifier is best using 1NN with Euclidean distance and entropy conversion for categorical data, where the recorded accuracy is 99.19%. 2015 Thesis https://eprints.ums.edu.my/id/eprint/12079/ https://eprints.ums.edu.my/id/eprint/12079/1/mt0000000677.pdf text en public masters Universiti Malaysia Sabah Faculty of Computing and Informatics |
| institution |
Universiti Malaysia Sabah |
| collection |
UMS Institutional Repository |
| language |
English |
| description |
As new technologies are emerging day by day, network, regardless of the Internet or Intranet within a corporation often plays a crucial role in connecting people from all around the world. From military use to achieving business goals and household need, data security often get attention from computer scientists. Traditional security measures that include the installation of firewall and antivirus software are commonly utilised to prevent intrusion. However, such types of defence are merely sufficient to secure a network and data travelling across it. Thus, second lines of defence like Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) are introduced to overcome the inadequacy of traditional security measures. Generally, IDS uses two approaches, the Anomaly Detection (A-IDS) and the Misuse Detection in order to identify patterns of intrusion. A-IDS often perform comparison of the model of normal and anomalous model. Depending on the ability to measure similarity or distance between a target and a known type, comparison is made to determine whether to establish a new target anomalous or not. This research aims to investigate the effects of feature transformation on the classification of network activities; the focus is to represent the data into point series form to permit the application of Time Series Classification (TSC). The TSC technique used is k-Nearest Neighbour (KNN) coupled with Dynamic Time Warping. Effects of using different similarity measures, Euclidean Distance (ED) and Cosine similarity algorithm are also investigated. Experiments conducted involve conversion of the categorical data by three different conversion techniques to generate point series data – simple, probability and entropy conversion. Comparison between different classifiers is also conducted. The performance of the classifier is best using 1NN with Euclidean distance and entropy conversion for categorical data, where the recorded accuracy is 99.19%. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Lim, Wen Ying |
| spellingShingle |
Lim, Wen Ying Effects of feature transformation and selection on classification of network traffic activities |
| author_facet |
Lim, Wen Ying |
| author_sort |
Lim, Wen Ying |
| title |
Effects of feature transformation and selection on classification of network traffic activities |
| title_short |
Effects of feature transformation and selection on classification of network traffic activities |
| title_full |
Effects of feature transformation and selection on classification of network traffic activities |
| title_fullStr |
Effects of feature transformation and selection on classification of network traffic activities |
| title_full_unstemmed |
Effects of feature transformation and selection on classification of network traffic activities |
| title_sort |
effects of feature transformation and selection on classification of network traffic activities |
| granting_institution |
Universiti Malaysia Sabah |
| granting_department |
Faculty of Computing and Informatics |
| publishDate |
2015 |
| url |
https://eprints.ums.edu.my/id/eprint/12079/1/mt0000000677.pdf |
| _version_ |
1747836439837540352 |