An Efficient Approach to Categorize Data Using Improved Dendritic Cell Algorithm with Dempster Belief Theory - Proceedings of All India Seminar on Biomedical Engineering 2012 (AISOBE-2012)

Biomedical Engineering Reference

In-Depth Information

Since 1999, KDD'99 [ 3 ] has been the most wildly used data set for the eval-

uation of anomaly detection methods. This data set is prepared by Stolfo et al. and

is built based on the data captured in DARPA'98 IDS evaluation program. There

are about 4,900,000 records and has 41 attributes [ 3 ].

The performance of an intrusion detection system may be evaluated in terms of

TP rate and FP rate.True Positive(TP) rate is calculated as the number of abnormal

patterns detected by the system, divided by the total number of abnormal patterns.

Here, A represents attack and I represents Intrusion.

TP

TP þ FN ¼ P ð A j I Þ

TPR ¼

ð 2 Þ

Similarly, True negative (TN) rate can be calculated as

TN

TP þ TN ¼ P ) A ) I

TNR ¼

ð

Þ

ð 3 Þ

False Positive(FP) rate occurs when the system wrongfully classifies normal

patterns as abnormal patterns. In this experiment, FP rate is calculated as the

number of false positives created by the system, divided by the total number of

self-antigens (Fig. 1 ).

FP

FP þ TN ¼ P ) AI

FNR =

ð

Þ

ð 4 Þ

Similarly FN (False negative) rate can be calculated as

FN

TP þ FN ¼ P ð) AI Þ

FNR ¼

ð 5 Þ

The comparison of the simulation result is given in Fig. 2 . It gives the com-

parison of the accuracy rate for the classification of attack using Dendritic Cell

Algorithm (DCA) with Dendritic Cell Algorithm with belief function (DCA-BE).

In simulation the generating function also called as the activated threshold value

was set to 1.

The maximum accuracy rate of the algorithm is possible only by using DCA

and the Belief function theory. Figure 2 shows when using DCA, classification of

the accuracy of attack never reaches even 92.00 %, but by using DCA-BE

approaches the accuracy rate reaches 96.00 %. The X-axes represents the accuracy

rate and the Y-axes indicate detection generating value.

Table 1 shows the results of the experiment 1. From experiment 1 we conclude

that the maximum accuracy of the detection of intrusion using DCA never reaches

above

92 %,

whereas

by

using

DCA-BE

the

accuracy

becomes

even

maximum 96 %.

In experiment 2, we can easily predicate that by using our proposed approaches

the TPR, TNR, FPR, and FNR are minimal. Whereas with the help of DCA all the

parameters show their maximum values. Figure 2 shows a comparison of the TPR,

TNR, FPR, and FNR rates between DCA versus DCA-BE in training data set.

Proceedings of All India Seminar on Biomedical Engineering 2012 (AISOBE-2012)

Search WWH ::

Custom Search

Home