Research Article
Integrating Traffics with Network Device Logs for Anomaly Detection
Table 8
The detection results over P2P botnet.
| P2P botnet | FP | FN |
| --- | --- | --- |
| 10-fold KNN for traffics | 4.5% | 4.6% |
| 10-fold SVM for traffics | 5.2% | 5.0% |
| 10-fold KNN for logs | 6.4% | 6.0% |
| 10-fold SVM for logs | 6.0% | 5.9% |
| 10-fold SVM for logs-and-traffics | 2.9% | 2.9% |
| 10-fold KNN for logs-and-traffics | 3.3% | 2.9% |
| TLCD (GBDT) | 2.8% | 2.6% |