Network Intrusion Detection Method Based on PCA and Bayes Algorithm

<table class="fixed-width table-group" id="tab2"><tr><td><table class="table"><colgroup><col style="width:9.62em"/><col style="width:26.47em"/></colgroup><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr class="thead"><td class="align_left">Features</td><td class="align_center">Descriptions</td></tr><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr><td class="align_left"><i>hot</i></td><td class="align_center">Number of times to access system sensitive files and directories</td></tr><tr><td class="align_left"><i>num_failed_logins</i></td><td class="align_center">The number of failed login attempts</td></tr><tr><td class="align_left"><i>logged_in</i></td><td class="align_center">The successful login is 1, otherwise 0</td></tr><tr><td class="align_left"><i>num_compromised</i></td><td class="align_center">The number of times the compromised condition appears</td></tr><tr><td class="align_left"><i>root_shell</i></td><td class="align_center">1 if the root shell was obtained, 0 otherwise</td></tr><tr><td class="align_left"><i>su_attempted</i></td><td class="align_center">If the “su root” command appears, it is 1, otherwise it is 0</td></tr><tr><td class="align_left"><i>num_root</i></td><td class="align_center">The number of root user access</td></tr><tr><td class="align_left"><i>num_file_creations</i></td><td class="align_center">The number of times the file is created</td></tr><tr><td class="align_left"><i>num_shells</i></td><td class="align_center">The number of times the shell command is used</td></tr><tr><td class="align_left"><i>num_access_files</i></td><td class="align_center">The number of access control files</td></tr><tr><td class="align_left"><i>num_outbound_cmds</i></td><td class="align_center">The number of outbound connections in an FTP session</td></tr><tr><td class="align_left"><i>is_hot_login</i></td><td class="align_center">Whether the login belongs to the “hot” list</td></tr><tr><td class="align_left"><i>is_guest_login</i></td><td class="align_center">1 if guest login, 0 otherwise</td></tr><tr class="table-tr"><td colspan="2"><hr class="tbody-hr"/></td></tr></table></td></tr></table>

<div>Content features of TCP connections.</div>

Security and Communication Networks

tab2

Table 2

Table 2: Network Intrusion Detection Method Based on PCA and Bayes Algorithm 