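% Journal article proposing an Improved Synthetic Weighted Naive Bayes (ISWNB)
% classifier for probabilistic intrusion detection and cloud forensics.
% The doi field holds the bare identifier; the resolver prefix is added by the style.
% NOTE(review): no pages field was supplied. The DOI suffix suggests 23--36;
%   confirm against the PDF before adding it.
% NOTE(review): the author is stored in "First Last" order, so "Lijun" is parsed
%   as the surname. If Xiao is the family name, switch to "Xiao, Lijun".
% NOTE(review): per the abstract, the 98.76 percent accuracy figure comes from
%   KDD Cup 1999 only, with known weakness on the R2L and U2R minority classes;
%   validation on newer datasets is listed as future work.
@article{4665,
  author   = {Xiao Lijun},
  title    = {An Improved Synthetic Weighted Naïve {Bayes} Framework for Probabilistic Intrusion Detection and Cloud Forensics},
  journal  = {Journal of Information Security Research},
  year     = {2026},
  volume   = {17},
  number   = {1},
  doi      = {10.6025/jisr/2026/17/1/23-36},
  url      = {https://www.dline.info/jisr/fulltext/v17n1/jisrv17n1_2.pdf},
  abstract = {This paper outlines a probabilistic intrusion detection and computer forensics framework tailored for cloud and networked environments. It addresses the limitations of traditional intrusion detection systems (IDSs), particularly the inefficacy of signature based methods against evolving threats such as polymorphic malware and advanced persistent threats (APTs). The proposed approach integrates Bayesian networks with an Improved Synthetic Weighted Naïve Bayes (ISWNB) classifier, which enhances detection accuracy by incorporating attribute correlation and value sensitive weighting thereby relaxing the strict independence assumption of standard Naïve Bayes models. The methodology includes Bayesian fuzzy clustering for grouping cloud nodes based on behavioral similarity, followed by a two level classification using a Group Search-Gravitational optimized Support Vector Neural Network (GG-SVNN), as introduced in prior work by Tummalapalli (2021). Experimental evaluation was conducted on the KDD Cup 1999 dataset, with preprocessing steps including feature selection and discretization. Results show that ISWNB achieves an average classification accuracy of 98.76\%, outperforming baseline models such as J48, standard Naïve Bayes, and other weighted variants. The system demonstrates strong performance against common attack types (DoS, Probe), but faces challenges with minority classes such as R2L and U2R due to dataset imbalance. Computational efficiency remains high, enabling near real time forensic analysis.
The framework also emphasizes forensic integrity, aligning with standardized digital evidence handling procedures. Future work includes validation on modern datasets (e.g., NSL-KDD, CICIDS), integration with deep or ensemble learning, and incorporation of explainable AI (XAI) techniques to enhance interpretability in forensic investigations. Overall, the study advances scalable, accurate, and interpretable intrusion detection for dynamic cloud environments.},
}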