Affiliations 

  • 1 Faculty of Computer Science and Technology, University Malaysia Sarawak, 89007, Sarawak, Malaysia
  • 2 Faculty of Computer Science and Technology, University Malaysia Sarawak, 89007, Sarawak, Malaysia. ycwang@unimas.my
  • 3 Faculty of Cognitive Sciences and Human Development, University Malaysia Sarawak, 89007, Sarawak, Malaysia
  • 4 School of Big Data, Weifang Institute of Technology, Weifang, 262500, China
Sci Rep, 2022 Dec 01;12(1):20770.
PMID: 36456582 DOI: 10.1038/s41598-022-23765-x

Abstract

For generating an interpretable deep architecture for identifying deep intrusion patterns, this study proposes an approach that combines ANFIS (Adaptive Network-based Fuzzy Inference System) and DT (Decision Tree) for interpreting the deep pattern of intrusion detection. Meanwhile, for improving the efficiency of training and predicting, Pearson Correlation analysis, standard deviation, and a new adaptive K-means are used to select attributes and make fuzzy interval decisions. The proposed algorithm was trained, validated, and tested on the NSL-KDD (National security lab-knowledge discovery and data mining) dataset. Using 22 attributes that highly related to the target, the performance of the proposed method achieves a 99.86% detection rate and 0.14% false alarm rate on the KDDTrain+ dataset, a 77.46% detection rate on the KDDTest+ dataset, which is better than many classifiers. Besides, the interpretable model can help us demonstrate the complex and overlapped pattern of intrusions and analyze the pattern of various intrusions.

* Title and MeSH Headings from MEDLINE®/PubMed®, a database of the U.S. National Library of Medicine.