Skip to main content
SpringerLink
Log in

ANIDS: Anomaly Network Intrusion Detection System Using Hierarchical Clustering Technique

  • Conference paper
  • First Online:
Proceedings of the International Conference on Data Engineering and Communication Technology

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 468))

Abstract

The Intrusion detection system (IDS) is an important tool to detect the unauthorized use of computer network and to provide the security for information. The IDS consists of two types signature-based (S-IDS) and anomaly-based (A-IDS) detection system. S-IDS detect only known attacks whereas A-IDSs are capable to detect unknown attacks. In this paper, we are focusing on A-IDS. The proposed system is Anomaly network intrusion detection system (ANIDS). The ANIDS is implemented using metaheuristic method, genetic algorithm and clustering techniques. The two different clustering techniques are used i.e. K-mean clustering and hierarchical clustering to check the performance of system in terms of false positive rate (FPR) and detector generation time (DGT). The system includes modules like input dataset, preprocessing on input dataset, clustering and selection of sample training dataset, testing dataset, and performance analysis using training and testing dataset. The experimental results are calculated based on large–scale dataset, i.e., NSL-KDD for detector generation time and false positive rate (FPR). Our proposed technique gives better result for false positive rate and detector generation time as compared to K-means clustering technique.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Morteza Amini, Rasool Jalili, Hamid Reza Shahriari. RT-UNNID: A practical solution to real-time network-based intrusion detection using unsupervised neural networks. Computers & security 25 (2006) 459–468.

    Google Scholar 

  2. Bishop M. Computer security, art and science. Addison-Wesley; 2003

    Google Scholar 

  3. James Brentano, Steven R Snapp et al. Architecture for Distributed Intrusion Detection. Division of computer science, University of California, 1991.

    Google Scholar 

  4. J.P. Anderson. Computer security threat monitoring and surveillance.Technical Report, James P. Anderson Co., Fort Washington, PA, April 1980

    Google Scholar 

  5. Tamer F. Ghanem, Wail S. Elkilani, Hatem. A hybrid approach for efficient anomaly detection using metaheuristic methods. Journal of advanced research, volume 6,issue 4 (2014) 609–619.

    Google Scholar 

  6. Osman, I.H., and Laporte, G. Metaheuristics bibliography. Ann. Oper. Res. 63, 513–623, 1996.

    Google Scholar 

  7. Blum, C., and Andrea R. Metaheuristics in Combinatorial Optimization: Overview and Conceptual Comparison. ACM Computing Surveys, 35(3), 268–308, 2003.

    Google Scholar 

  8. Xu X. Sequential anomaly detection based on temporal difference learning: principles models and case studies. Applied Soft Computing 2010.

    Google Scholar 

  9. Kartit A, Saidi A, Bezzazi F, El Marraki M, Radi A. A new approach to intrusion detection system. JATIT 2012.

    Google Scholar 

  10. Garcia-Teodoro P, Diaz-Verdejo J, Macia -Fernandez G, Vazquez E. Anomaly-based network intrusion detection: techniques, systems and challenges. Computer Security, volume 24, Issue 1–2, (2009) 18–28.

    Google Scholar 

  11. Forrest S, Perelson AS, Allen L, Cherukuri R. Self- NonSelf discrimination in a computer. In: Proceedings of the 1994 IEEE symposium on security and privacy; Oakland, USA: IEEE Computer Society; 1994.

    Google Scholar 

  12. Anna Sperotto, Michel Mandjes, RaminSadre, Pieter-Tjerk de Boer, and AikoPras. Autonomic Parameter Tuning of Anomaly-Based IDSs: an SSH Case Study. IEEE Transactions On Network And Service Management, Vol. 9, No. 2, June 2012.

    Google Scholar 

  13. Alexander G. Tartakovsky, Senior Member, IEEE, Aleksey S. Polunchenko, and Grigory Sokolov. Efficient Computer Network Anomaly Detection by Changepoint Detection Methods. IEEE Journal Of Selected Topics In Signal Processing, Vol. 7, No. 1, February 2013.

    Google Scholar 

  14. The NSL-KDD dataset. The available World Wide Web is http://nsl.cs.unb.ca/NSL-KDD/

  15. S. C. Johnson (1967). Hierarchical Clustering Schemes. Psychometrika, 2:241–254

    Google Scholar 

  16. Chapter 17, Hierarchical Clustering, DRAFT!© April 1, 2009 Cambridge University Press

    Google Scholar 

  17. Tamer F.Ghanem,Wail S. Elkilani, Hatem. A hybrid approach for efficient anomaly detection using metaheuristic methods. Journal of advanced research, 2014.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ZCOER, Computer Engineering, SP Pune University, Pune, Maharashtara, India

    Sunil M. Sangve

  2. SGGIET Computer Science and Engineering, Nanded, Maharashtara, India

    Ravindra C. Thool

Authors
  1. Sunil M. Sangve
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ravindra C. Thool
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sunil M. Sangve .

Editor information

Editors and Affiliations

  1. Department of Computer Science & Engineering, ANITS, Visakhapatnam, India

    Suresh Chandra Satapathy

  2. Dept. of ECE, Shri Ramswaroop Mem. Group of Prof. Clg, Lucknow, Uttar Pradesh, India

    Vikrant Bhateja

  3. Sabar Institute of Technology, Tajpur, Sabarkantha, Gujarat, India

    Amit Joshi

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Science+Business Media Singapore

About this paper

Cite this paper

Sangve, S.M., Thool, R.C. (2017). ANIDS: Anomaly Network Intrusion Detection System Using Hierarchical Clustering Technique. In: Satapathy, S., Bhateja, V., Joshi, A. (eds) Proceedings of the International Conference on Data Engineering and Communication Technology. Advances in Intelligent Systems and Computing, vol 468. Springer, Singapore. https://doi.org/10.1007/978-981-10-1675-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-1675-2_14

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-1674-5

  • Online ISBN: 978-981-10-1675-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation