Undergraduate Thesis

Comparison of predictive models for intrusion detection in computer networks


Main author: BENTES, Eliel dos Santos
Degree: Undergraduate Thesis
Published in: 2019
Subjects:
Online access: http://bdm.ufpa.br/jspui/handle/prefix/1333
Abstract:
Among the tasks of data mining, classification is the one that stands out most when one wishes to discover a knowledge model in a database. However, to construct an efficient model, it is essential that classification be performed on data that is as close as possible to reality and with algorithms that perform optimally. In this context, many studies use data mining techniques as a fundamental tool in an Intrusion Detection System. These systems are essential to complement the security of a computer network environment, where network traffic analysis needs to be done quickly and accurately to prevent unwanted access. In this work, simulations were performed in an intrusion detection environment where the performance of two machine learning algorithms, Decision Tree and Naive Bayes, was analyzed in the task of classifying normal or abnormal connections using the KDDCUP'99 dataset. The classification of the dataset was performed in two stages: the first with only two connection classes (normal and abnormal), using the cross-validation technique with a value of k less than or equal to 10; the second with five detection classes (four for attacks and one normal), using a value of k greater than or equal to 10. The performance measures used for the algorithms were hit rate, error rate, and model construction time. The experiments were performed using the WEKA environment.