Anomaly detection is widely used in applications including, but not limited to, intrusion detection, fault detection, fraud detection, and health monitoring systems. The overall efficiency of these applications depends on the classification algorithm that is chosen. An efficient classification algorithm can thus greatly improve the accuracy of these applications. This paper proposes a hybrid approach involving Random Committee and Random Tree techniques for anomaly classification, resulting in most encouraging accuracy values. The proposed scheme is applied after a preprocessing phase that involves feature selection using the Correlated Feature Selection (CFS) algorithm with the Best-First Search technique.
The dynamic heterogeneous IoT contexts adversely affect the performance of learning-based network intrusion detection and prevention systems resulting in increased misclassification rates—necessitating an expert knowledge correlated evaluation framework. The proposed framework includes intrusion root cause analysis and a correlation model that can be generalized over any network intrusion dataset, corresponding expert knowledge, detection technique, and learning-based algorithm. The experimentations prove the robustness of the propounded framework on imbalanced datasets.
The dynamic contexts of heterogeneous Internet of Things (HetIoT) adversely affect the performance of learning-based network intrusion detection systems (NIDS) resulting in increased misclassification rates---necessitating an expert knowledge correlated evaluation framework. The proposed generalizable framework includes intrusion root cause analysis, correlation model, and correlated classification metrics that can be generalized over any NID dataset, corresponding expert knowledge, detection technique, and learning-based algorithm to facilitate context-awareness in reducing false alerts. To achieve this, we perform experimentations on the Bot-IoT dataset---with generalized traffic behaviors from multiple existing NID datasets---employing the Support Vector Machine (SVM) machine learning and Multilayer Perceptron (MLP) shallow neural network classifiers, demonstrating the generalizability, robustness, and improved performance of the propounded framework compared to the existing literature. Furthermore, the proposed framework offers minimal processing overhead on the classifier algorithms.