An efficient approach for Intrusion Detection using data mining methods

Intrusion detection systems (IDS) are becoming a vital component of any network in today's Internet-connected world. An IDS is an effective way to detect different kinds of attacks in an interconnected network, thereby securing the network. An effective IDS requires high accuracy and a high detection rate as well as a low false alarm rate. This paper focuses on a hybrid approach to intrusion detection based on data mining techniques. The main research method is clustering analysis, with the aim of improving the detection rate and decreasing the false alarm rate. Most previously proposed methods suffer from the drawbacks of the k-means method: a low detection rate and a high false alarm rate. This paper presents a hybrid data mining approach encompassing feature selection, filtering, clustering, divide and merge, and clustering ensemble. It also proposes a method for calculating the number of cluster centroids and choosing appropriate initial cluster centroids. The IDS with clustering ensemble is introduced for the effective identification of attacks, to achieve high accuracy and a high detection rate as well as a low false alarm rate.
