<![CDATA[The increasing use of computer networks and internet-based services has made cybersecurity threats more complex. Intrusion Detection Systems (IDS) play a crucial role in identifying network attacks; however, conventional signature- or rule-based approaches are limited in handling novel attacks and dynamically changing attack patterns. Therefore, machine learning approaches are applied to enhance the adaptive capabilities of IDS. Nevertheless, the use of machine learning in IDS still faces a major challenge: data imbalance, where normal traffic significantly outweighs attack traffic. This condition biases models toward the majority class, leading to suboptimal detection of minority attacks. Based on this issue, this study aims to improve the performance of the K-Nearest Neighbor (KNN) method in network attack detection by applying the Synthetic Minority Over-sampling Technique (SMOTE) and parameter tuning. The study employs KNN with parameter tuning and SMOTE to address multiclass data imbalance in network attack detection. Parameter tuning is conducted to determine the optimal value of k and distance functions, including Euclidean, Manhattan, and Cosine Similarity. The results show that KNN with k = 3 and Manhattan distance on SMOTE-balanced data achieves the highest accuracy of 96.51%, outperforming Euclidean and Cosine Similarity distances. These findings conclude that applying SMOTE and appropriately selecting k and distance metrics significantly improve KNN performance in network attack detection and increase overall detection accuracy.]]>
Copyrights © 2026
