Online Naive Bayes Classification for Network Intrusion Detection

Gumus F., ŞAKAR C. O. , Erdem Z., Kursun O.

IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), Beijing, China, 17 - 20 August 2014, pp.670-674 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume:
  • Doi Number: 10.1109/asonam.2014.6921657
  • City: Beijing
  • Country: China
  • Page Numbers: pp.670-674


Intrusion detection system (IDS) is an important component to ensure network security. In this paper we build an online Naive Bayes classifier to discriminate normal and bad (intrusion) connections on KDD 99 dataset for network intrusion detection. The classifier starts with a small number of training examples of normal and bad classes; then, as it classifies the rest of the samples one at a time, it continuously updates the mean and the standard deviations of the features (IDS variables). We present experimental results of parameter updating methods and their parameters for the online Naive Bayes classifier. The obtained results show that our proposed method performs comparably to the simple incremental update.