An Enhanced Intrusion Detection System Based on Clustering

Cited by: 5
Authors
Borah, Samarjeet [1]
Panigrahi, Ranjit [1]
Chakraborty, Anindita [1]
Affiliation
[1] Sikkim Manipal Univ, Sikkim Manipal Inst Technol, Rangpo, Sikkim, India
Source
PROGRESS IN ADVANCED COMPUTING AND INTELLIGENT ENGINEERING, VOL 2 | 2018 / Vol. 564
Keywords
Intrusion detection; Attack; Clustering; MatLab; False positive; False negative; SOM;
DOI
10.1007/978-981-10-6875-1_5
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
The aim of a typical intrusion detection framework is to recognize attacks with a high discovery rate and low false alarm rate. Many algorithms have been proposed for detecting intrusions using various soft computing approaches such as self-organizing map (SOM), clustering, etc. In this paper, an effort has been made to enhance the intrusion detection algorithm proposed by Nadya et al. The proposed enhancement of the algorithm is done by adding the SOM training process. Clustering of the data is done to differentiate abnormal data from the normal data. The clustered data may sometimes contain both normal and abnormal data, thus leading to false alarms. In this regard, the k-means algorithm is further used to detect those abnormal data and reduce the rate of false positives. The SOM is trained using the neural network toolbox present in Matlab R2010b. The enhanced algorithm yields desired results both in terms of higher detection rates and removal of false positives.
Pages: 37 / 45
Page count: 9
Related papers
12 in total
[1] Beal V., 2005, INTRUSION DETECTION
[2] Borah S., 2014, INT J COMPUTER APPL, V90, P15
[3] Borah S, 2011, COMM COM INF SC, V192, P35
[4] Dutt I., 2016, INT J COMPUT APPL, V144, P19
[5] El Moussaid N., INT J ELECT COMPUT S, V2, P1059
[6] Kayacik H.G., 2005, P 3 ANN C PRIV SEC T, V94, P1722
[7] Kazienko P., 2003, INTRUSION DETECTIO 1
[8] Luo N., 2008, SPRINGER ROUGH SETS
[9] MacQueen J., 1967, BERK S MATH STAT PRO, V5, P281, DOI 10.1007/S11665-016-2173-6
[10] Olusola AA, 2010, LECT NOTES ENG COMP, P162