Jurnal Riset Informatika (Mar 2022)
COMPARATIVE ANALYSIS OF THE K-NEAREST NEIGHBOR ALGORITHM ON VARIOUS INTRUSION DETECTION DATASETS
Abstract
Security in computer networks can be vulnerable, this is because we have weaknesses in making security policies, weak computer system configurations, or software bugs. Intrusion detection is a mechanism for securing computer networks by detecting, preventing, and blocking illegal attempts to access confidential information. The IDS mechanism is designed to protect the system and reduce the impact of damage from any attack on a computer network for violating computer security policies including availability, confidentiality, and integrity. Data mining techniques have been used to obtain useful knowledge from the use of IDS datasets. Some IDS datasets that are commonly used are Full KDD, Corrected KDD99, NSL-KDD, 10% KDD, UNSW-NB15, Caida, ADFA Windows, and UNM have been used to get the accuracy rate using the k-Nearest Neighbors algorithm (k-NN). The latest IDS dataset provided by the Canadian Institute of Cybersecurity contains most of the latest attack scenarios named the CICIDS2017 dataset. A preliminary experiment shows that the approach using the k-NN method on the CICIDS2017 dataset successfully produces the highest average value of intrusion detection accuracy than other IDS datasets.
Keywords