Evaluation of K-Means Clustering for Effective Intrusion Detection and Prevention in Massive Network Traffic Data

Bibliographic details
Published in: International journal of computer applications 2014-01, Vol.96 (7), p.9-14
Main authors: Nalavade, Kamini, Meshram, B B
Format: Article
Language: eng
container_end_page 14
container_issue 7
container_start_page 9
container_title International journal of computer applications
container_volume 96
creator Nalavade, Kamini
Meshram, B B
description With the growth of hacking and exploiting tools and the invention of new ways of intrusion, intrusion detection and prevention is becoming the major challenge in the world of network security. It is becoming more demanding due to increasing network traffic and data on the Internet. Various approaches are used in intrusion detection, but unfortunately none of the systems so far is completely flawless, so the quest for improvement continues. Intrusion detection systems using data mining approaches make it possible to search for patterns and rules in large amounts of audit data. Classification-based data mining models for intrusion detection are often ineffective in dealing with dynamic changes in intrusion patterns and characteristics. Unsupervised learning methods are efficient in detecting unknown attacks in large datasets. In this paper we investigate clustering approaches for network intrusion detection. We carried out our experiments on the K-means clustering algorithm and measured performance based on detection rate and false positive rate with different cluster values. The KDD dataset, which is freely available online, is used for our experimentation, and the results are compared. Our intrusion detection system using the clustering approach is able to detect different types of intrusions while maintaining a low false positive rate.
doi_str_mv 10.5120/16804-6526
format Article
identifier ISSN: 0975-8887
ispartof International journal of computer applications, 2014-01, Vol.96 (7), p.9-14
issn 0975-8887
0975-8887
language eng
recordid cdi_proquest_miscellaneous_1730060705
source Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
subjects Cluster analysis
Clustering
Computer information security
Data mining
Dynamical systems
Dynamics
Intrusion
Networks
Traffic flow
title Evaluation of K-Means Clustering for Effective Intrusion Detection and Prevention in Massive Network Traffic Data