A Practical Intrusion Visualization Analyzer based on Self-organizing Map
The Self-Organizing Map implementation is provided by MiniSom: https://github.com/JustGlowing/minisom
The pipeline first selects a subset of features. The selected features are the same as those in [1] and [2]:
[1] Modinat M, Abimbola A, Abdullateef B, et al. Gain ratio and decision tree classifier for intrusion detection[J]. International Journal of Computer Applications, 2015, 126(1): 56-59.

[2] Moustafa N, Slay J. A hybrid feature selection for network intrusion detection systems: Central points[J]. arXiv preprint arXiv:1707.05505, 2017.
After feature selection, we apply Isolation Forest to remove the outliers within each class.
We use 10% of the training data to train the model, and the entire testing dataset for detection.
If this work is useful to you, please cite:
Wang, Jie, Yun Lin, and Lei Chen. "A Practical Intrusion Visualization Analyzer based on Self-organizing Map." IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 2019.