Table 6 Comparison results for the 10% KDD Cup 99 dataset
From: Entropy clustering-based granular classifiers for network intrusion detection
Classifier | Testing samples | TP/FP | DDoS | Probe | U2R | R2L | Mean TP/FP ratio | Â |
|---|---|---|---|---|---|---|---|---|
FNT [27] | 11,982 | TP | 98.75 | 98.39 | 99.7 | 99.09 | 203.84 | Â |
FP | 0.62 | 1.39 | 0.22 | 0.75 | ||||
ID3 [28] | 311,029 | TP | 99.52 | 97.85 | 49.21 | 92.75 | 756.66 | Â |
FP | 0.04 | 0.55 | 0.14 | 10.03 | Â | |||
Naïve Bayes [29] | 77,287 | TP | 79.2 | 94.8 | 12.2 | 0.1 | 209.01 |  |
FP | 1.7 | 13.3 | 0.9 | 0.3 | ||||
SVM [30] | 15,437 | TP | 96.32 | 63.81 | 34.48 | 85.64 | 40.00 | Â |
FP | 1.63 | 0.94 | 0.05 | 4.4 | ||||
J48 [31] | 15,437 | TP | 96.8 | 75.2 | 12.2 | 0.1 | 148.75 | Â |
FP | 1 | 0.2 | 0.1 | 0.5 | ||||
K-means [32] | 311,029 | TP | 97.3 | 87.6 | 29.8 | 6.4 | 103.86 | Â |
FP | 0.4 | 2.6 | 0.4 | 0.1 | ||||
SOM [31] | 15,437 | TP | 96.4 | 74.3 | 13.3 | 0.1 | 125.35 | Â |
FP | 0.8 | 0.3 | 0.1 | 0.4 | ||||
GAU [32] | 311,029 | TP | 82.4 | 90.2 | 22.8 | 9.6 | 60.28 | Â |
FP | 0.9 | 11.3 | 0.5 | 0.1 | ||||
OneR [32] | 49,596 | TP | 94.2 | 12.9 | 10.7 | 10.7 | 63.80 | Â |
FP | 6.8 | 0.1 | 2 | 0.1 | ||||
Bayes DT combo [29] | 311,029 | TP | 87.9 | 76.23 | 12.33 | 30.6 | 44.68 | Â |
FP | 0.67 | 1.7 | 8.9 | 23.8 | ||||
NBTree [31] | 15,437 | TP | 97.4 | 73.3 | 1.2 | 0.1 | 40.00 | Â |
FP | 1.2 | 1.1 | 0.1 | 0.5 | ||||
Naïve Baye s[31] | 15,437 | TP | 79.2 | 94.8 | 12.2 | 0.1 | 16.90 |  |
FP | 1.7 | 13.3 | 0.9 | 0.3 | ||||
The proposed ECGC | 15,437 | TP | 99.98 | 97.85 | 100 | 97.57 | 3055 | Â |
FP | 0.01 | 0.05 | 0 | 0.89 | Â |