Research Article
Integrating Traffics with Network Device Logs for Anomaly Detection
Table 5
The detection results over XSS attack.
| XSS | FP | FN |
| 10-fold KNN for traffics | 8.2% | 5.6% | 10-fold SVM for traffics | 8.6% | 5.8% | 10-fold KNN for logs | 9.1% | 9.9% | 10-fold SVM for logs | 9.0% | 8.6% | 10-fold SVM for logs-and-traffics | 5.2% | 6.3% | 10-fold KNN for logs-and-traffics | 6.2% | 3.6% | TLCD (GBDT) | 4.3% | 2.5% |
|
|