Amalgamation of K-means Clustering Algorithm with Standard MLP and SVM Based Neural Networks to Implement Network Intrusion Detection System

Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 28)

Abstract

Intrusion Detection Systems (IDS) are becoming an essential component of the network and data security arsenal. Because a huge amount of existing off-line data and newly appearing network records needs analysis, data mining techniques play a vital role in the development of IDS. The key idea of using data mining techniques for IDS is to benefit from the classification capability of supervised-learning-based neural networks and the clustering abilities of unsupervised-learning-based neural networks. In this paper, we propose an efficient intrusion detection model that amalgamates competent data mining techniques, namely K-means clustering, the multilayer perceptron (MLP) neural network and the support vector machine (SVM), which significantly improves the prediction of network intrusions. Since the number of clusters desired for the intrusion detection problem is defined by the user a priori and does not change, we employed the K-means clustering technique. In the final stage, an SVM classifier is used, as it produces superior results for binary classification compared to the other classifiers. We obtained the best results, and these are compared with the results of other existing methods to prove the effectiveness of our model.

Keywords

Intrusion Detection System; Neural Networks; Support Vector Machine; K-means Clustering; KDD cup 99


Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. Department of Computer Science, Sri Jayachamarajendra College of Engineering, Mysore, India
  2. Department of Information Science, National Institute of Engineering (NIE), Mysore, India
