Comparative analysis of K-Means method and Naïve Bayes method for brute force attack visualization

This paper presents a 2-dimensional visualization that categorizes network traffic packets into normal and attack data patterns, based on the patterns produced by a brute force attack. Two clustering methods, K-Means and Naïve Bayes, are used to produce the data to be visualized. Experiments were conducted using the ISCX and DARPA datasets. Brute force attacks target some service protocols; this paper focuses on the SSH service for the ISCX dataset and the TELNET service for the DARPA dataset. Visual analysis of the experimental results shows better results in terms of accuracy by reducing false alarms.
