Network intrusion detection based on improved KNN algorithm
Abstract In recent years, network attacks have occurred frequently, and Trojan horses, worms, and ransomware have emerged endlessly on the Internet. This poses a serious threat to cyber security and even national security. Therefore, a new three-branch decision soft increment K-nearest neighbor algo...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-08-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-14199-2 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Abstract In recent years, network attacks have occurred frequently, and Trojan horses, worms, and ransomware have emerged endlessly on the Internet. This poses a serious threat to cyber security and even national security. Therefore, a new three-branch decision soft increment K-nearest neighbor algorithm is proposed, representing the class cluster as an interval set. The interval set’s upper, boundary, and lower bound correspond to the positive, boundary, and negative domains generated by the three-branch decision. An initial K-nearest neighbor algorithm based on representative points is proposed. The new datasets are pre-clustered in the same way to eliminate the influence of data processing order on the final clustering results. The results showed that the improved K-nearest algorithm could accurately classify Normal, Dos, and Probing, and the classification accuracy was above 85%. The accuracy of U2R was lower, with an average of 57.32%. The proposed method had the highest classification accuracy on the dataset, and the detection rate of all types of attacks reached more than 98%. This proposal is of great significance for the protection of network security. |
|---|---|
| ISSN: | 2045-2322 |