Abstract
An intrusion detection system (IDS) is an important tool for detecting unauthorized use of a computer network and for protecting information. There are two types of IDS: signature-based (S-IDS) and anomaly-based (A-IDS). An S-IDS detects only known attacks, whereas an A-IDS is capable of detecting unknown attacks. In this paper, we focus on A-IDS. The proposed system is an anomaly network intrusion detection system (ANIDS). The ANIDS is implemented using a metaheuristic method, a genetic algorithm, and clustering techniques. Two different clustering techniques are used, K-means clustering and hierarchical clustering, to check the performance of the system in terms of false positive rate (FPR) and detector generation time (DGT). The system includes modules for the input dataset, preprocessing of the input dataset, clustering and selection of a sample training dataset, the testing dataset, and performance analysis using the training and testing datasets. The experimental results for detector generation time and false positive rate are calculated on a large-scale dataset, NSL-KDD. Our proposed technique gives better results for false positive rate and detector generation time than the K-means clustering technique.
Copyright information
© 2017 Springer Science+Business Media Singapore
About this paper
Cite this paper
Sangve, S.M., Thool, R.C. (2017). ANIDS: Anomaly Network Intrusion Detection System Using Hierarchical Clustering Technique. In: Satapathy, S., Bhateja, V., Joshi, A. (eds) Proceedings of the International Conference on Data Engineering and Communication Technology. Advances in Intelligent Systems and Computing, vol 468. Springer, Singapore. https://doi.org/10.1007/978-981-10-1675-2_14
DOI: https://doi.org/10.1007/978-981-10-1675-2_14
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-1674-5
Online ISBN: 978-981-10-1675-2
eBook Packages: Engineering, Engineering (R0)