Abstract
The aim of a typical intrusion detection framework is to recognize attacks with a high detection rate and a low false alarm rate. Many algorithms have been proposed for detecting intrusions using soft computing approaches such as the self-organizing map (SOM) and clustering. In this paper, an effort has been made to enhance the intrusion detection algorithm proposed by Nadya et al. The enhancement adds a SOM training process. The data are clustered to differentiate abnormal data from normal data. A cluster may sometimes contain both normal and abnormal data, which leads to false alarms. To address this, the k-means algorithm is then used to detect those abnormal data and reduce the false positive rate. The SOM is trained using the neural network toolbox in Matlab R2010b. The enhanced algorithm yields the desired results in terms of both higher detection rates and removal of false positives.
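The second-stage idea in the abstract, running k-means inside a cluster that may mix normal and abnormal records, is shown below as an added example; it is not the authors' code. The first-stage SOM cluster is taken as given, and the feature values, the function names, the `min_separation` threshold and the rule that the smaller sub-cluster is the abnormal one are all assumptions of this sketch.

```python
import math

# Constructed sample data: two normalised features per connection record.
MIXED_CLUSTER = [(0.20, 0.22), (0.18, 0.20), (0.22, 0.19), (0.21, 0.23), (0.19, 0.18),
                 (0.23, 0.21), (0.20, 0.20), (0.17, 0.22), (0.80, 0.90), (0.85, 0.88)]
HOMOGENEOUS_CLUSTER = MIXED_CLUSTER[:6]

def kmeans(points, k=2, iters=50):
    """Lloyd's k-means with deterministic farthest-point seeding."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(points, key=lambda p: min(math.dist(p, c) for c in centroids)))
    labels = []
    for _ in range(iters):
        labels = [min(range(k), key=lambda j: math.dist(p, centroids[j])) for p in points]
        updated = []
        for j in range(k):
            members = [p for p, lab in zip(points, labels) if lab == j]
            updated.append(tuple(sum(v) / len(members) for v in zip(*members))
                           if members else centroids[j])
        if updated == centroids:
            break
        centroids = updated
    return labels, centroids

def flag_abnormal(cluster, min_separation=4.0):
    """Return indices of records in one first-stage cluster judged abnormal."""
    if len(cluster) < 3:
        return []  # too few records to tell a minority from a majority
    labels, centroids = kmeans(cluster, k=2)
    gap = math.dist(centroids[0], centroids[1])
    spread = sum(math.dist(p, centroids[lab]) for p, lab in zip(cluster, labels)) / len(cluster)
    # k-means always returns two groups; only trust the split when they are well apart,
    # otherwise a homogeneous cluster would produce new false positives.
    if gap == 0 or gap < min_separation * spread:
        return []
    sizes = [labels.count(0), labels.count(1)]
    if sizes[0] == sizes[1]:
        return []  # the size heuristic (an assumption here) cannot decide
    minority = sizes.index(min(sizes))
    return [i for i, lab in enumerate(labels) if lab == minority]

if __name__ == "__main__":
    print("mixed cluster, abnormal indices:", flag_abnormal(MIXED_CLUSTER))
    print("homogeneous cluster, abnormal indices:", flag_abnormal(HOMOGENEOUS_CLUSTER))
```

The separation check matters as much as the split itself: without it, k-means with k=2 would carve a minority out of every cluster, including purely normal ones.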
References
Luo, N., Yuan, F., Zuo, W., He, F., Zhou, Z.: Improved unsupervised anomaly detection algorithm. In: Proceedings of Third International Conference, RSKT 2008, Chengdu, China, 17–19 May 2008. Springer Rough Sets and Knowledge Technology Series (2008)
Youssef, A., Emam, A.: Network intrusion detection using data mining and network behaviour analysis. Int. J. Comput. Sci. Inf. Technol. (IJCSIT) 3(6), 87–98 (2011)
Suryavanshi, M., Akiwate, B., Gurav, M.: GNP-based fuzzy class-association rule mining in IDS. Int. J. Emerg. Trends Technol. Comput. Sci. (IJETTCS) 2(6), 179–183 (2013). ISSN 2278-6856
Beal, V.: Intrusion Detection (IDS) and Prevention (IPS) Systems. http://www.webopedia.com/DidYouKnow/Computer_Science/intrusion_detection_prevention.asp (2005). Accessed 15 July 2005
Kazienko, P., Dorosz, P.: Intrusion Detection Systems (IDS) Part I—(network intrusions; attack symptoms; IDS tasks; and IDS architecture). http://www.systemcomputing.org/ssm10/intrusion_detection_systems_architecture.htm (2003). Accessed 07 Apr 2003
Borah, S., Chakravorty, D., Chawhan, C., Saha, A.: Advanced clustering based intrusion detection (ACID) algorithm. In: Advances in Computing and Communications. Springer CCIS Series, vol. 192, Part 1, pp. 35–43 (2011). ISSN 1865-0929. http://dx.doi.org/10.1007/978-3-642-22720-2_4
Borah, S., Chakraborty, A.: Towards the Development of an Efficient Intrusion Detection System. Int. J. Comput. Appl. 90(8), 15–20 (2014)
Dutt, I., Borah, S., Maitra, I.: Intrusion Detection System using Artificial Immune System. Int. J. Comput. Appl. 144(12), 19–22 (2016)
El Moussaid, N., Toumanari, A., Elazhari, M.: Intrusion detection based on clustering algorithm. Int. J. Electron. Comput. Sci. Eng. 2(3), 1059–1064. ISSN 2277-1956
MacQueen, J.B.: Some methods for classification and analysis of multivariate observations. In: Proceedings of 5th Berkeley Symposium on Mathematical Statistics and Probability, University of California Press, pp. 281–297. MR 0214227. Zbl 0214.46201 (1967)
Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of KDD ’99 intrusion detection dataset for selection of relevance features. In: Proceedings of the World Congress on Engineering and Computer Science 2010 Volume I, WCECS 2010, 20–22 Oct 2010, San Francisco, USA (2010). ISBN: 978-988-17012-0-6, ISSN: 2078-0958
Kayacik, H.G., Zincir-Heywood, A.N., Heywood, M.I.: Selecting features for intrusion detection: a feature relevance analysis on KDD 99. In: Third Annual Conference on Privacy, Security and Trust (PST), 12–14 Oct 2005, The Fairmont Algonquin, St. Andrews, New Brunswick, Canada (2005)
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Borah, S., Panigrahi, R., Chakraborty, A. (2018). An Enhanced Intrusion Detection System Based on Clustering. In: Saeed, K., Chaki, N., Pati, B., Bakshi, S., Mohapatra, D. (eds) Progress in Advanced Computing and Intelligent Engineering. Advances in Intelligent Systems and Computing, vol 564. Springer, Singapore. https://doi.org/10.1007/978-981-10-6875-1_5
DOI: https://doi.org/10.1007/978-981-10-6875-1_5
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-6874-4
Online ISBN: 978-981-10-6875-1
eBook Packages: Engineering, Engineering (R0)