Total views : 218

Fast kNN Classifiers for Network Intrusion Detection System


  • Computer Center, Acharya Nagarjuna University, Guntur - 522510, Andhra Pradesh, India


Objective and Background: To adapt two fast kNN classification algorithms i.e., Indexed Partial Distance Search kNearest Neighbor (IKPDS), Partial Distance Search kNearest Neighbor (KPDS) and comparing with traditional kNN classification for Network Intrusion Detection. Methods/Statistical Analysis: NSL-KDD data set is used to evaluate the kNN classification, KPDS and IKPDS with 10 fold cross validation test. This experiment results shows that the IKPDS reduces the classification completion time compare with kNN and KPDS by preserving the same classification accuracy as well as the same error rate for different types of attacks. A novelistic method proposed for classifying the unknown patterns whether it is a malicious or legitimate using IKPDS algorithm. Findings: These algorithms efficiency were tested with the sample of 12597 instances and verified with actual class label. The resultsshow that 99.6% accuracy of the proposed method. Applications/Improvements: A deep analysis can be performed on DoS and Probe attacks as they are exhibiting similar characters andfeature selection techniques may also be implemented inorder to improve the accuracy and reduce the computational time.


IKPDS, Intrusion Detection, kNN Classification, NSL-KDD, Partial Distance Search

Full Text:

 |  (PDF views: 216)


  • Axelsson S. Research in intrusion-detection systems: A survey.Technical Report 98-17, Department of Computer Engineering, Chalmers University of Technology. Goteborg,Sweden; 1998 Dec. p. 1−93.
  • Hwang WJ, Wen KW. Fast kNN classification algorithm based on partial distance search. Electron Letter. 1998; 34(21):2062−3. Crossref
  • Lee W, Stolfo SJ, Mok KW. A data mining framework for building intrusion detection models. Proceedings of the 1999 IEEE Symposium in Security and Privacy; 1999. p.120−32.
  • Lippmann RP, Fried DJ, Graf I, Haines JW, Kendall P, McClung D, Weber D, Webster SE, Wyschogrod D, Cunningham RK, Zissman MA. Evaluating intrusion detection systems: The 1998 DARPA offline intrusion detection evaluation.Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX). 2000 Jan; 2:12−26.
  • Dokas P, Ertoz L, Kumar V, Lazarevic A, Srivastava J, Tan PN. Data mining for network intrusion detection. Proceedings of NSF Workshop on Data Mining; 2002. p. 21–30.
  • Xie Q, Laszlo CA, Ward RK. Vector quantization technique for nonparametric classifier design. IEEE Transactions on Pattern Analysis and Machine Intelligence. 1993; 15(12):1326−30. Crossref
  • Jeng-Shyang, PAN, Yu-Long, QIA, Sheng-He SUN. A fast K nearest neighbors classification algorithm. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences. 2004; 87(4):961−3.
  • Tavallaee M, Bagheri E, Lu W, Ghorbani AA. A detailed analysis of the KDD CUP 99 data set. Proceedings of Computational Intelligence for Security and Defense Applications.2009 Jul; 8:1−6. Crossref
  • Nsl-kdd data set for network-based intrusion detection systems [Internet]. Available from: Crossref
  • Qiao YL, Pan JS, Sun SH. Improved partial distance search for k nearest-neighbor classification. 2004 IEEE International Conference in Multimedia and Expo, ICME’04. 2004 Jun; 2:1275−8.
  • Wang W, Zhang X, Gombault S, Knapskog SJ. Attribute normalization in network intrusion detection. 10th international symposium in Pervasive Systems, Algorithms, and Networks (ISPAN). 2009; 2:448−53.
  • Panda M, Abraham A, Patra MR. A hybrid intelligent approach for network intrusion detection. Proceedings of International Conference on Communication Technology and System Design. 2012; 30:1−9. Crossref
  • Jamshidi Y, Nezamabadi-pour H. A Lattice based nearest neighbor classifier for anomaly intrusion detection. Journal of Advances in Computer Research. 2013 Nov; 4(4):51−60.
  • Chaurasia S, Jain A. Ensemble neural network and k-NN classifiers for intrusion detection. International Journal of Computer Science and Information Technology. 2014; 5:2481−5.
  • Tharwat A, Ghanem AM, Hassanien AE. Three different classifiers for facial age estimation based on k-nearest neighbor. Proceedings of Computer Engineering Conference (ICENCO); 2013 Dec. p. 55−60. Crossref
  • Zhang L, Coenen F, Leng P. Setting attribute weights for k-NN based binary classification via quadratic programming.Intelligent Data Analysis. 2003 Jan; 7(5):427−41.
  • Bhavsar YB, Waghmare KC. Intrusion detection system using data mining technique: Support vector machine. International Journal of Emerging Technology and AdvancedEngineering. 2013 Mar; 3(3):581−6.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.