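% ICDF2C 2020 paper evaluating partial decision trees on the CICIDS 2017 dataset.
% NOTE(review): address holds a country rather than the publisher's city, and no
% series volume is recorded; confirm both against the publisher record.
@inproceedings{c12297f0acb54ddcabc7f6ad1e122e13,
  author    = {Sheppard, John},
  title     = {A Partial Approach to Intrusion Detection},
  editor    = {Goel, Sanjay and Gladyshev, Pavel and Johnson, Daryl and Pourzandi, Makan and Majumdar, Suryadipta},
  booktitle = {11th EAI International Conference, ICDF2C 2020, Proceedings},
  series    = {Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST},
  pages     = {78--97},
  publisher = {Springer},
  address   = {United States},
  year      = {2021},
  isbn      = {9783030687335},
  doi       = {10.1007/978-3-030-68734-2_5},
  language  = {English},
  keywords  = {CICIDS, Data mining, IDS, Partial decision trees, PCA},
  note      = {Publisher Copyright: {\textcopyright} 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.; 11th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2020 ; Conference date: 15-10-2020 Through 16-10-2020},
  abstract  = {The need for intrusion detection continues to grow with the advancement of new and emerging devices, the increase in the vectors of attack these bring, and their computational limitations. This work examines the suitability of a traditional data mining approach often overlooked in intrusion detection, partial decision trees, on the recent CICIDS 2017 dataset. The approach was evaluated against recent deep learning results and shows that the partial decision tree outperformed these deep learning techniques for the detection of DDoS and Portscan attacks. Further analysis of the complete dataset has been performed using this partial technique. The creation of a reduced feature version of the dataset is proposed using PCA and is evaluated using a partial decision tree. It shows that a ten feature version of the dataset can produce a detection rate of 99.4\% across the twelve classes, with a 77\% reduction in training time.},
}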