Identifying Network Anomalies Using Clustering Technique in Weblog Data

In this paper we present an approach for identifying network anomalies by visualizing network flow data stored in weblogs. Various clustering techniques can be used to identify different anomalies in the network. Here, we present a new approach based on simple K-Means for analyzing network flow data, using attributes such as IP address, protocol, and port number to detect anomalies. By using visualization, we can identify which sites are accessed more frequently by users. Our approach provides an overview of the given dataset by studying key network parameters. In this process we used preprocessing techniques to eliminate unwanted attributes from the weblog data.
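The pipeline the abstract outlines (preprocess weblog records, cluster them with simple K-Means, read anomalies off the clusters) can be sketched as follows; this is an added example, not code from the paper. The log layout, the feature encoding, k=2, and the rule that a cluster holding under 25% of the records is anomalous are all assumptions made here, and the log lines are constructed.

```python
import math
# Constructed sample weblog: time,src_ip,protocol,dst_port,bytes,user_agent
LOG = """\
10:00:01,10.0.0.5,TCP,80,1200,Mozilla
10:00:02,10.0.0.6,TCP,443,3400,Mozilla
10:00:03,10.0.0.5,TCP,443,2800,curl
10:00:04,10.0.0.7,TCP,80,1500,Mozilla
10:00:05,10.0.0.8,TCP,443,4100,Mozilla
10:00:06,10.0.0.6,TCP,80,900,Mozilla
10:00:07,10.0.0.9,UDP,31337,950000,-
10:00:08,10.0.0.7,TCP,443,2200,Mozilla
10:00:09,10.0.0.9,UDP,31338,870000,-
"""
PROTO = {"TCP": 0.0, "UDP": 1.0}  # assumed numeric encoding of the protocol field

def preprocess(text):
    """Drop timestamp and user agent; keep src_ip plus a numeric feature vector."""
    rows = []
    for line in text.strip().splitlines():
        _, ip, proto, port, nbytes, _ = line.split(",")
        rows.append((ip, [PROTO[proto], float(port), math.log10(float(nbytes))]))
    return rows

def normalize(vectors):
    """Min-max scale each feature to [0, 1] so port numbers do not dominate."""
    lo = [min(c) for c in zip(*vectors)]
    hi = [max(c) for c in zip(*vectors)]
    return [[(x - l) / (h - l) if h > l else 0.0 for x, l, h in zip(v, lo, hi)]
            for v in vectors]

def kmeans(points, k, iters=20):
    """Lloyd's algorithm with deterministic farthest-point seeding."""
    cents = [points[0]]
    while len(cents) < k:
        cents.append(max(points, key=lambda p: min(math.dist(p, c) for c in cents)))
    for _ in range(iters):
        labels = [min(range(k), key=lambda j: math.dist(p, cents[j])) for p in points]
        for j in range(k):
            members = [p for p, l in zip(points, labels) if l == j]
            if members:
                cents[j] = [sum(c) / len(members) for c in zip(*members)]
    return labels

def anomalous_sources(text, k=2, min_share=0.25):
    """Assumed rule: records in a cluster holding < min_share of traffic are anomalous."""
    rows = preprocess(text)
    labels = kmeans(normalize([v for _, v in rows]), k)
    small = {j for j in range(k) if labels.count(j) / len(labels) < min_share}
    return sorted({ip for (ip, _), l in zip(rows, labels) if l in small})
```

Without the min-max scaling step the raw port number would dominate the Euclidean distance and the protocol and byte-count features would contribute almost nothing to the clustering.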
