Detecting Network Intrusions - a Clustering Approach

Authors

  • Mrutyunjaya Panda
  • Manas Ranjan Patra
Abstract

With the increased usage of computer networks, security becomes a critical issue. Recently, data mining methods have gained a lot of attention in addressing network security issues, including intrusion detection. Consequently, unsupervised learning methods have been given much importance for anomaly based network intrusion detection. In this paper, we investigate new clustering algorithms like farthest first (FFT), hierarchical conceptual clustering (COBWEB) and Sequential Information Bottleneck Clustering (sIB) in building our proposed network intrusion detection model. We evaluated our model using the KDDCup’99 intrusion detection benchmark dataset. Our research shows that the proposed clustering methods enable us to build an efficient anomaly based network intrusion detection model with a high detection rate and an acceptable false positive rate in comparison to other existing methods.


Similar resources

Enhancing Network Intrusion Detection through Host Clustering

The state-of-the-art in intrusion detection mainly relies on signature-based techniques. Although signature-based detection is an efficient way of protecting against known threats, it will not protect against new, advanced intrusions such as Advanced Persistent Threats (APTs). Moreover, many intrusion detection systems only monitor the network traffic crossing the external border of a network, ...


Unsupervised Sequential Information Bottleneck Clustering For Building Anomaly Based Network Intrusion Detection Model

In this paper we present a novel approach to unsupervised clustering in building an efficient anomaly based network intrusion detection model. The method is based on a recently introduced sequential information bottleneck (sIB) principle. The KDDCup 1999 intrusion detection benchmark dataset is used for the experimentation of our proposed technique. The experimental results demonstrate that the pro...


Dimensionality Reduction Framework for Detecting Anomalies from Network Logs

Dynamic web services are vulnerable to a multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the security of the services. In this research features are extracted from HTTP query parameters using 2-grams. We propose a framework that uses dimensionality reduction and clusteri...


A New Clustering Approach for Anomaly Intrusion Detection

Recent advances in technology have made our work easier compared to earlier times. Computer networks are growing day by day, but when discussing the security of computers and networks, it has always been a major concern for organizations varying from smaller to larger enterprises. It is true that organizations are aware of the possible threats and attacks so they always prepare for the safer...


An Efficient and Accurate Intrusion Detection System to detect the Network Attack Groups using the Layer wise Individual Feature Set

In the field of Network Security, intrusion is a severe threat for various networks. So an efficient Intrusion Detection System is required to detect the intrusions that are spread through the network. The main idea of this paper is to reduce the average control path latency incurred between request and response of the system as well as increasing the detection rate of network attack grou...




Publication date: 2011