 Research
 Open Access
 Published:
Entropy clusteringbased granular classifiers for network intrusion detection
EURASIP Journal on Wireless Communications and Networking volume 2020, Article number: 4 (2020)
Abstract
Support vector machine (SVM) is one of the effective classifiers in the field of network intrusion detection; however, some important information related to classification might be lost in the reprocessing. In this paper, we propose a granular classifier based on entropy clustering method and support vector machine to overcome this limitation. The overall design of classifier is realized with the aid of ifthen rules that consists of a premise part and conclusion part. The premise part realized by the entropy clustering method is used here to address the problem of a possible curse of dimensionality, while the conclusion part realized by support vector machines is utilized to build local models. In contrast to the conventional SVM, the proposed entropy clusteringbased granular classifiers (ECGC) can be regarded as an entropybased support function machine. Moreover, an oppositionbased genetic algorithm is proposed to optimize the design parameters of the granular classifiers. Experimental results show the effectiveness of the ECGC when compared with some classical models reported in the literatures.
Introduction
In the past decades, lots of techniques such as artificial intelligence and mathematical methods have been applied for many applications [1,2,3,4,5]. With the effectiveness in highdimensional spaces, support vector machine (SVM) becomes one of the most important classification models when solving the problem of classification.
Many researchers have utilized the SVM for solving the classification problem in the field of network intrusion detection. Chitrakar and Huang [6] have presented the selection of candidate support vectors in incremental SVM for network intrusion detection. Shams et al. [7] have used trust aware SVM when dealing with the network intrusion detection problems. Aburomman and Reaz [8] have proposed a novelweighted SVM multiclass classifier for the intrusion detection system. Yaseen et al. [9] have constructed multilevel hybrid SVM by means of Kmeans for network intrusion detection. Vijayanand et al. [10] have developed geneticalgorithmbased feature selection in the design of SVM for solving the network intrusion detection. Raman et al. [11] have proposed an efficient intrusion detection system with the aid of genetic algorithm optimized SVM. All these studies have developed SVM based on genetic algorithms or clustering methods; however, a design of SVM with both clustering methods and genetic algorithms remains open.
The entropy clustering method (ECM) [12] is a novel clustering method based on the concept of entropy that has been widely used in network intrusion detection. In comparison with the conventional clustering method such as Kmeans and CMeans, the ECM can obtain the number of clustering once the features of dataset are determined.
In the design of classification models, we require some crucial parameters for determining the structure. As one of the powerful optimization tools [13,14,15,16,17], genetic algorithms have been applied in lots of applications. In some previous studies [10], genetic algorithms have been successfully applied to optimize the support vector models. However, it should be stressed that the genetic algorithm could still get trapped in suboptimal regions of the search space. Furthermore, the problem of finding “good” parameters in the design of the rulebased classification models remains open.
In this study, we propose a rulebased granular classifier by means of entropy clustering method and support vector machine for network intrusion detection. The overall granular classifier is designed by means of a serial of rules that consist of a premise part and conclusion part. The premise part is realized by the entropy clustering method, while the conclusion part is realized with the aid of the support vector machine. In some senses, the proposed entropy clusteringbased granular classifiers (ECGC) can be regarded as an entropybased support function machine. Furthermore, an oppositebased genetic algorithm (OGA) is proposed to optimize the parameters of the granular classifier.
The structure of the paper is organized as follows. Section 2 presents the design of ECGC. Section 3 deals with the oppositebased genetic algorithm and the optimization of ECGC. Section 4 reports on experiments by using comparative studies. Finally, some conclusions are summarized in Section 5.
A design of the ECGCs
In the design of ECGC, the overall classification is divided into a number of rules that consist of a premise part and conclusion part. The premise part of rules determined by the entropy clustering method is to capture “rough, major structure”; while the conclusion part (local model) realized based on SVM is to capture “subtle, accurate structure.” In this way, we construct ECGC. Such rulebased classifiers can be expressed with some “ifthen” rules
where \( {}_{R^i} \) represents the ith rule, C_{i} denotes the ith cluster, i=1, ∙∙∙, n, n is equal to the number of rules, f_{i}(x) denotes the consequent output of the ith rule, and pattern classifiers are described by means of some discriminant functions f_{i}(x). An overall design of ECGC is described as shown in Fig.1.
Realization of premise part of rules using entropy clustering method
In the design of ECGC, the premise part of rules is formed by the entropy clustering method. Let G = (V, D) be an undirected graph, where V denotes the vertex set and D stands for the edge set. The steps of entropy clustering method can be summarized as the following steps:
[Step 1] Calculate the entropy rate E(P) by using the following expression.
where E(P) represents ethe ntropy rate, which quantifies the uncertainty of a random process P = {P_{t} t ∈ T} . Here, T denotes some index set.
[Step 2] Calculate the balancing term B(P) by using the following formula.
where N_{P} represents the number of connected components in the graph, \( {S}_P=\left\{{S}_1,{S}_2,...,{S}_{N_P}\right\} \) which means the graph partitioning for P.
[Step 3] Set E ← ∅ and U ← D.
[Step 4] Set \( a1\leftarrow \underset{a\in U}{\mathrm{argmax}}F\left(P\cup \left\{a\right\}\right)F(P) \), where F(P) = E(P) + kB(P), k denotes the number of clusters.
[Step 5] If P ∪ {a1} ∈ I then set P ← P ∪ {a1}; else set U ← U ∪ {a1}.
[Step 6] Repeat steps 4–5 until U = ∅.
Construction of conclusion part of rules using support vector machines
The conclusion part of the rules is realized by means of support vector machines [12]. Assume that the training dataset T is formed by the following expression:
Where x_{m} represents a training sample, y_{m} ∈ {−1, 1} is the class label of x_{m}, and n stands for the total number of training samples, m = 1, 2, ..., n.
Suppose that w and b are parameters of hyperplane functions that can be expressed as follows:
Then, optimal value of w and b can be calculated by the following model:
where p = (p_{1}, ......, p_{n})^{T} denotes the Lagrange multiplier vector, C represents a penalty parameter, K stands for a kernel function, and x_{m}, x_{j}, y_{m}, y_{j} are the mth input sample, the jth input sample, label of the mth input sample, and label of the jth input label, respectively. The steps of the support vector machine can be summarized as the following steps:
[Step 1] Divide the entire dataset into the training dataset and testing dataset.
[Step 2] Estimating the parameters w and b based on the expression (6).
[Step 3] Calculate the decision function of the support vector machine according to the expression (5).
[Step 4] Calculate the labels of testing data based on the decision function.
[Step 5] Obtain the classification results based on training and testing data.
Optimization of ECGC using oppositionbased genetic algorithms
Like the other classification models, the performance of ECGC is dramatically affected by the parameters. Here we present an oppositionbased genetic algorithm as the vehicle for the optimization of parameters in the design of ECGC. The mechanism of oppositionbased learning (OBL) [18, 19] has been shown to be an effective concept to enhance various optimization approaches. Let us recall the basic concept.
Oppositionbased point [19]: let P = (x_{1}, x_{2}, ......, x_{D}) be a point in a Ddimensional space, where x_{1}, x_{2}, ......, x_{D} ∈ R and x_{i} ∈ [a_{i}, b_{i}], ∀i ∈ {1, 2, ..., D}. The opposite point \( \overset{\cup }{P}=\left({\overset{\cup }{x}}_1,{\overset{\cup }{x}}_2,......,{\overset{\cup }{x}}_D\right) \) is completely defined by its components
Oppositionbased optimization (OBL) [19]: let P = (x_{1}, x_{2}, ......, x_{D}) be a point in a Ddimensional space (i.e., a candidate solution). Assume f(•) is a fitness function. According to the definition of the opposite point, we say that \( \overset{\cup }{P}=\left({\overset{\cup }{x}}_1,{\overset{\cup }{x}}_2,......,{\overset{\cup }{x}}_D\right) \) is the opposite of site P = (x_{1}, x_{2}, ......, x_{D}). Now, if \( f\left(\overset{\cup }{P}\right)\ge f(P) \), then the point P can be replaced with \( \overset{\cup }{P} \). Hence, the point and its opposite point are evaluated simultaneously in order to continue with one of the highest fitness.
With the opposition concept, we develop the oppositionbased genetic operator. The overall oppositionbased genetic algorithm can be summarized as follows:
[Step 1] Randomly generate the population of genetic algorithm, where the performance of ECGC is the objective function, the parameters in the design of ECGS are considered as chromosome.
[Step 2] Update the population based on oppositionbased population operator.
[Step 2.1] Find the interval boundaries [a_{i}, b_{i}] in the population set P1, where \( {a}_j=\min \left({x}_j^k\right),{b}_j=\max \left({x}_j^k\right) \), j = 1, 2, ......, h; k = 1, 2, ......, d. Here, h denotes the size of population, and d represents the dimension of an individual.
[Step 2.2] For each individual, generate a new individual \( {X}^{\mathrm{new}}=\left({x}_1^{\mathrm{new}},...,{x}_j^{\mathrm{new}},...,{x}_n^{\mathrm{new}}\right) \) based on the expression \( {x}_j^{\mathrm{new}}={a}_j+{b}_j{x}_j. \)
[Step 2.3] Obtain the opposition population set P2 by calculating the fitness value of each X^{new}.
[Step 2.4] Obtain the final population P^{new} by selecting the best h individuals based on the P1 ∪ P2.
[Step 3] Generate the new individual based on crossover.
[Step 4] Generate the new individual based on mutation.
[Step 5] Generate the new individual based on oppositionbased genetic operator.
[Step 5.1] Find the interval boundaries [a_{i}, b_{i}] in the population set P1, where \( {a}_j=\min \left({x}_j^k\right),{b}_j=\max \left({x}_j^k\right) \), j = 1, 2, ......, h; k = 1, 2, ......, d. Here, h denotes the size of the population, and d represents the dimension of an individual.
[Step 5.2] For each individual, generate a new individual \( {X}^{\mathrm{new}}=\left({x}_1^{\mathrm{new}},...,{x}_j^{\mathrm{new}},...,{x}_n^{\mathrm{new}}\right) \) based on the expression \( {x}_j^{\mathrm{new}}={a}_j+{b}_j{x}_j. \)
[Step 6] Select the new individual in the current population.
[Step 7] Repeat steps 3–6 until the terminal condition is satisfied.
A design procedure of the ECGCs
The overall design methodology of entropybased clustering granular classification is described in this section. The design of ECGC can be summarized in the following steps see (Fig. 2).
Step 1: Division of dataset
The original data is divided into training and testing datasets. Training data is used to construct the model of ECGC, while the testing data is utilized to evaluate the performance of ECGC. Suppose that the original input–output dataset is denoted as (xi,yi) = (x1i, x2i, …, xni, yi), i = 1, 2, …, N, where N is the number of data points. Let T be the number of correct classification patterns. The classification rate (CR) can be represented as follows
Furthermore, let TR be the classification rate for the training data, and TE be the classification rate for the testing data. It is evident that TR records the objective function (viz. performance index, PI) and TE stands for the testing performance index (TPI).
Step 2: Design of ECGC architecture with the aid of OGA
The overall design of ECGC can be regarded as the construction of rules that comprises the premise part and conclusion part. Here, the premise part is realized based on the entropyclustering method, while the conclusion part is realized by means of SVMs. OGA is used here to optimize the parameters not only in the entropybased clustering method but also in the design of SVMs. Specifically, In the ECGC, an individual is denoted as a vector comprising the number of clusters, the number of selected input variables, the input variable to be selected, and the parameters for each rule as shown in Fig. 3. The overall length of the individual corresponds to the number of clusters (viz. rules) to be used.
Step 3: Check the termination criterion
As to the termination criterion, we have used two different conditions. The first condition is that the number of loops is not more than a predetermined number, while the second condition is that the performance of the current local model is worse than a predetermined value [20]. It has stressed that the final optimal ECGC has been experimentally determined based on a sound compromise between the high accuracy and the low complexity of models.
Step 4: Final output
Report the optimal ECGC and final output.
Results and discussion
This section reports the experimental results of the proposed ECGC models. To evaluate the performance of the ECGC, we first experimented some benchmark machine learning data [21,22,23,24,25,26], and then applied the ECGC in the network intrusion detection KDDCUP 99 data. The symbols used in these experiments are listed as follows: TR denotes the performance index of training data, while TE represents the performance index of testing data. Furthermore, the parameters and boundaries of OGA are summarized as shown in Table 1. (The selection of these specific values of parameters is referred to reference [10, 27]).
Machine learning data
Some machine learning data are used to evaluate the performance of the proposed ECGC. In these experiments, datasets are partitioned into two parts: 80% of data is considered as training data, while the rest 20% of data is regarded as testing data.
Iris data
The iris flower dataset is a multivariate dataset introduced by Sir Ronald Fisher as an example of discriminant analysis. This is a classical dataset consisting of 150 inputoutput pairs, four input variables, and three classes.
Figure 4 depicts the values of the performance index (TR and TE) visàvis the ECGCs with the increasing rules. As shown in Fig. 4, the value of the performance index for training data TR is increased with the increasing prediction abilities of GCs. It is clear that the optimal classifier could have emerged with the layer of assigned rules (clusters). The testing performance TE increases in the case of two rules, while it becomes the same as the rules are equal to five. This tendency illustrates that the substantial increase of the rules improves the prediction abilities.
Figure 5 Displays the values of performance index TE range from one rule to five rules for the Iris data when selecting different parameters (penalty term and Kernel bandwidth of conclusion part). In most cases, the value of performance index TE raises with the increasing number of rules. This tendency demonstrates that the number of rules is beneficial to the enhanced TE.
Table 2 summarizes the experimental results. It is shown that the proposed ECGCs arrive at 98.25 ± 0.21 with five rules.
Some selected machine learning data
Five selected machine learning data are further used to evaluate the performance of the proposed ECGC model.
Here, the selected data with different number of input and variables are summarized as illustrated in Table 3.
Table 4 further shows the comparative results of the proposed ECGC and some wellknown machine learning models. As shown in Table 4, the proposed ECGC outperforms the better accuracy of classification as well as the prediction when compared to the models reported in the literatures.
KDDCUP99 data
In the field of network intrusion detection [27,28,29], some datasets can be obtained to evaluate the performance of models. To evaluate the performance of ECGC, here we experiment the ECGC on the benchmark KDDCUP99 data.
The KDDCUP99 data has 5,000,000 labeled records (viz. patterns) and 41 features (viz. input variables) provided by the Massachusetts Institute of Technology. This dataset consists of 24 different types of attacks that are divided into four groups: DDOS, Probe, U2R, and R2L. According to some studies [30,31,32], the filtered 10% KDDCUP99 data described as shown in Table 5 is used when dealing with lots of network intrusion detection issues. In the experiments, the dataset is partitioned into two parts: 50% of data is utilized as training data and the remaining 50% data is considered as testing data. Moreover, in order to compare with other models, we also used the existing performance index [27,28,29,30,31,32]:
True positive (TP). A TP represents one correct detection of an attack of network intrusion detection;
False positive (FP). A FP denotes an indication of an attack on traffic that should have been classified as “normal”;
True negative (TN). A TN stands for one correct classification of “normal Traffic” of network intrusion detection;
False negative (FN). A FN is written as a real attack that was misidentified as “Normal” traffic;
Accuracy. Accuracy is the common metric used for assessing the overall effectiveness of a classifier.
The expression of Accuracy can be formulated as follows:
The experimental results of ECGC are compared with the results of several wellknown models reported in the literatures as shown in Table 6. It is evident that the proposed ECGC outperforms the cited approaches in case of consistently good detection across all four types of attack classes.
Conclusions
In the reprocessing, conventional support vector machines have some inevitable limitations. One fact is that some important information related to classification might be lost. In this study, we have proposed ECGC to overcome this limitation. In the design of ECGC, SVMs are explored here as local models that are considered as the consequence part of rules, while the premise part of rules is realized with the aid of entropybased clustering method. Genetic algorithm is utilized to optimize the parameters when constructing the ECGC. It is evident that the proposed ECGC can be regarded as the extended SVMs to some extent. Experimental results on several wellknown datasets demonstrate the effectiveness of the ECGC, especially for the network intrusion detection dataset. More importantly, with the proposed ECGC, one can efficiently construct the optimal model (viz. optimization of the parameters in the design of model), which is the key issue to improve the performance when constructing models.
For future studies, new optimization algorithm can be included. By taking into account new optimization algorithm, one can obtain optimized ECGC. Furthermore, several objectives can be considered to construct ECGC, one can also develop multiobjective optimized ECGC.
Methods/experimental
This study aims at the design of classification for network intrusion detection. A granular classifier based on entropyclustering method and supported vector machine is constructed to overcome the shortcoming that most of the conventional classifiers such as SVM may lose some important information in the reprocessing. The proposed granular classifier that is designed by means of a serial of rules can also be regarded as an entropybased support function machine. Experiments illustrate that the performance of the granular classifier obtains “good” results in comparison with some wellknown classifiers.
It has to be stressed that, granular classifiers can further improve the performance with the aid of oppositebased genetic algorithm. Experimental results show that the performance of granular classifier can be generally improved. Also, the number of rules is quite effective in the final performance of the granular classifiers. Generally, with the growth of rules, the performance of granular classifiers is gradually increasing while its complex is rising.
Availability of data and materials
Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.
Abbreviations
 CR:

Classification rate
 ECGC:

Entropy clusteringbased granular classifiers
 ECM:

Entropy clustering method
 FN:

False negative
 FP:

False positive
 GA:

Genetic algorithms
 OBL:

Oppositionbased learning
 OGA:

Oppositionbased genetic algorithm
 PI:

Performance index
 SVM:

Support vector machine
 TE:

Classification rate for testing data
 TN:

True negative
 TP:

True positive
 TPI:

Testing performance index
 TR:

Classification rate for training data
References
 1.
P. Huijse, P.A. Estevez, P. Protopapas, J.C. Principe, P. Zegers, Computational intelligence challenges and applications on large scale astronomical time series databases. IEEE Computational Intelligence Mag. 9(3), 27–39 (2014)
 2.
W. Huang, J. Wang, The shortest path problem on a timedependent network with mixed uncertainty of randomness and fuzziness. IEEE Transac Intelligent Trans Syst. 17(11), 3194–3204 (2016)
 3.
L. Wang, H. Zhen, X. Fang, S. Wan, W. Ding, Y. Guo, A unified twoparallelbranch deep neural network for joint gland contour and segmentation learning. Future Gen Comp Syst. 100(316324) (2019)
 4.
Q. Xu, L. Wang, X.H. Hei, P. Shen, W. Shi, L. Shan, GI/Geom/1 queue based on communication model for mesh networks. Int J Comm Syst. 27(11), 3013–3029 (2014)
 5.
W. Huang, L. Ding, The Shortest Path Problem on a Fuzzy TimeDependent Network. IEEE Transac Comm. 60(11), 3376–3385 (2012)
 6.
R. Chitrakar, C. Huang, Selection of candidate support vectors in incremental SVM for network intrusion detection. Comp Sec. 45, 231–241 (2014)
 7.
E.A. Shams, A. Rizaner, A.H. Ulusoy, Trust aware support vector machine intrusion detection and prevention system in vehicular ad hoc networks. Comp Sec. 78, 245–254 (2018)
 8.
A.A. Aburromman, M.B.I. Reaz, A novel weighted support vector machines multiclass classifier based on differential evolution for intrusion detection systems. Info Sci. 414, 225–246 (2017)
 9.
W. L. A. Yaseen, Z. A. Othman, M. Z. A. nazri, Expert Systems with Applications. Multilevel hybrid support vector machine and extreme learning machine based on modified Kmeans for intrusion detection systems. 67, 296303 (2017).
 10.
R. Vijayanand, D. Devaraj, B. Kannapiran, Comp Sec.. Intrusion detection system for wireless mesh network using multiple support vector machine classifiers with geneticalgorithmbased feature selection 77, 304314 (2018).
 11.
M.R.G. Raman, N. Somu, K. Kirthivasan, R. Liscano, V.S.S. Sriram, knowledgebased systems. An efficient intrusion detection system based on hypergraph genetic algorithm for parameter optimization and feature selection in support vector machine. 134, 112 (2017).
 12.
M.Y. Liu, O. Tuzel, S. Ramalingam, R. Chellappa, Entropyrate clustering: cluster analysis via maximizing a submodular function subject to a matroid constraint. IEEE Transac Pattern Anal Machine Intell. 36(1), 99–111 (2014)
 13.
R. Zhang, P. Xie, C. Wang, G. Liu, S. Wan, classifying transportation mode and speed from trajectory data via deep multiscale learning. Computer Networks. 162, 1–13 (2019)
 14.
W. Huang, S.K. Oh, W. Pedrycz, Hybrid fuzzy wavelet neural networks architecture based on polynomial neural networks and fuzzy set/relation inferencebased wavelet neurons. IEEE Transac Neural Networks Learn Syst. 29(8), 3452–3462 (2018)
 15.
W. Li, X. Liu, J. Liu, P. Chen, S. Wan, X. Cui, On improving the accuracy with autoencoder on conjunctivitis. App Soft Computing. 81, 1–11 (2019)
 16.
A.R. Solis, G. Panoutsos, Interval type2 radial basis function neural networks: a modeling framework. IEEE Transac Fuzzy Syst. 23, 457–473 (2015)
 17.
W. Huang, L. Ding, ProjectScheduling problem with random timedependent activity duration times. IEEE Transac Eng Management. 58(2), 377–387 (2011)
 18.
W. Huang, S.K. Oh, Z. Guo, W. Pedrycz, A space search optimization algorithm with accelerated convergence strategies. App Soft Computing. 13, 4659–4675 (2013)
 19.
S. Rahnamayan, H.R. Tizhoosh, M.A. Salama, OppositionBased differential evolution. IEEE Transac Evol Comp. 12(1), 64–79 (2008)
 20.
W. Huang, S.K. Oh, W. Pedrycz, IEEE Transac Fuzzy Syst Fuzzy Wavelet Neural Networks: Analysis and Design. 25(5), 34523462, 13291341 (2017).
 21.
M.E. Tipping, Adv. Neural Inf. Process. Syst. The relevance vector machine. 12, 652658 (2000).
 22.
M.A. Tahir, A. Bouridane, F. Kurugollu, Simultaneous feature selection and feature weighting using hybrid tabu search/Knearest neighbor classifier. Pattern Recog Letters. 28(4), 438–446 (2007)
 23.
J.P. Mei, L. Chen, Fuzzy clustering with weighted methods for relational data. Pattern Recog. 43(5), 1964–1974 (2010)
 24.
V. Vapnik, SpringVerlag. The nature of statistical learning theory. (1995).
 25.
T. Xiong and V. Cherkassy, Proceedings of the International Joint Conference on Neural Networks. A combined SVM and LDA approach for classification. 14551459 (2005).
 26.
Wei Huang, SungKwun Oh, Witold Pedrycz, Neural Networks. Design of hybrid radial basis function neural networks (HRBFNNs) realized with the aid of hybridization of fuzzy clustering method (FCM) and polynomial neural networks (PNNs). 60, 166181 (2014).
 27.
V. Jaiganesh, S. Mangayarkarasi, P. Sumathi, An efficient algorithm for network intrusion detection system. Int J Comp Applications. 90(12), 12–16 (2014)
 28.
W. Wei, X.L. Yang, P.Y. Shen, B. Zhou, Holes detection in anisotropic sensornets: Topological methods. Int J Distr Sensor Networks. 8(10), 1–10 (2012)
 29.
X. Wang, Z. Zhang, J. Li, Y. Wang, H. Cao, Z. Li, L. Shan, An optimized encoding algorithm for systematic polar codes. EURASIP J Wireless Comm Network. 193, 1–12 (2010)
 30.
S.J. Jang, C.H. Han, K.E. Lee, S.J. Yoo, Reinforcement learningbased dynamic band and channel selection in cognitive radio adhoc networks. EURASIP J Wireless Comm Network. 131, 1–25 (2019)
 31.
H. A. Nguyen, D. Choi, Berlin Heidelberg: Springer. Application of data mining to network intrusion detection: Classifier selection model. 2014.
 32.
M. Sabhnani, G. Serpen, Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. In MLMTA, 2003.
Funding
This work was not supported by any fund.
Author information
Affiliations
Contributions
All authors contribute to the concept, the design and developments of the theory analysis and algorithm, and the simulation results in this manuscript. All authors read and approved the final manuscript.
Corresponding author
Ethics declarations
Competing interest
The authors declare that they have no competing interests.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.
About this article
Cite this article
Liu, H., Hao, G. & Xing, B. Entropy clusteringbased granular classifiers for network intrusion detection. J Wireless Com Network 2020, 4 (2020). https://doi.org/10.1186/s1363801915671
Received:
Accepted:
Published:
Keywords
 Entropy clusteringbased granular classifiers (ECGC)
 Entropy clustering method
 Support vector machine (SVM)
 Genetic Algorithms (GAs)