Classification of Network Traffic Using Fuzzy Clustering for Network Security
The use of computer networks has increased significantly in recent years. This proliferation, in combination with the interconnection of networks via the Internet, has drastically increased their vulnerability to attack by malicious agents. The wide variety of attack modes has exacerbated the problem of detecting attacks. Many current intrusion detection systems (IDS) are unable to identify unknown or mutated attack modes, or are unable to operate in a dynamic environment, as is necessary with mobile networks. As a result, it has become increasingly important to find new ways to implement and manage intrusion detection systems. Classification-based IDS are commonly used; however, they are often unable to adapt to dynamic environments or to identify previously unknown attack modes. Fuzzy-based systems accommodate the imprecision associated with mutated and previously unidentified attack modes. This paper presents a novel approach to intrusion detection using fuzzy clustering of TCP packets based upon a reduced set of features. The method is shown to provide superior performance in comparison to traditional classification approaches. In addition, the method demonstrates improved robustness in comparison to other evolutionary-based techniques.
Keywords: Fuzzy clustering, Fuzzy classification, Intrusion detection, Network security