ANOMALY-BASED INTRUSION DETECTION THROUGH K-MEANS CLUSTERING AND NAIVES BAYES CLASSIFICATION

Intrusion detection systems (IDSs) effectively balance extra security appliance by identifying intrusive activities on a computer system, and their enhancement is emerging at an unexpected rate. Anomaly-based intrusion detection methods, which employ machine learning algorithms, are able to identify unforeseen attacks. Regrettably, the foremost challenge of this method is to minimize false alarm while maximizing detection and accuracy rate. We propose an integrated machine learning algorithm across K-Means clustering and Naive Bayes Classifier called KMC+NBC to overcome the aforesaid drawbacks. K-Means clustering is applied to labeling and gathers the entire data into corresponding cluster sets based on the data behavior, i.e., i.e. normal and attack, while Naive Bayes Classifier (NBC) is applied to reorder the misclassified clustered data into correct categories. Experiments have been performed to evaluate the performance of KMC+NBC and NBC against ISCX 2012 Intrusion Detection Evaluation Dataset. The result shows that KMC+NBC significantly improves the accuracy, detection rate up to 99% and 98.8%, respectively, while decreasing the false alarm to 2.2%.