An advanced intrusion detection system for the networking using data mining approach

Author: Shalini Dhar

Abstract:

Nowadays, many organizations and companies use Internet services as their communication channel and marketplace for doing business. As the number of Internet users has grown, so has the problem of intrusions, which may damage data and information stored on computer servers or database servers. A filter is therefore needed that can separate malicious data from normal data. Intrusion detection is the process of monitoring and analysing the events occurring in a computer system in order to detect signs of security problems. Intrusion detection and other security technologies such as cryptography, authentication and firewalls have gained in importance in the last few years. The present study gives an advanced Intrusion Detection System (IDS) that applies data mining techniques, using both the k-means and the outlier detection approaches. The k-means approach uses clustering to group the traffic flow data into normal and anomalous clusters. Outlier detection calculates an outlier score for each flow record. This score is called the neighbourhood outlier factor (NOF), and its value decides whether a particular traffic flow is normal or anomalous. The performance of the two approaches is compared by means of confusion matrices and performance metrics such as false positive rate, sensitivity, specificity, classification rate and precision, and an analysis is done to find out which of the two approaches is better suited to intrusion detection using traffic flows.
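An added example, not code from the paper: k-means with k = 2 over constructed flow records, scored with the confusion-matrix metrics the abstract lists. The flow features, the rule that the smaller cluster is the anomalous one, and the reading of "classification rate" as accuracy are assumptions; NOF is left out because this page does not define it.

```python
import math
# Constructed flows: (packets, bytes, duration_s, label); label 1 = anomalous.
FLOWS = [
    (12, 9000, 1.8, 0), (15, 11000, 2.1, 0), (10, 8000, 1.5, 0),
    (14, 10500, 2.0, 0), (11, 8700, 1.7, 0), (13, 9900, 1.9, 0),
    (400, 24000, 0.2, 1), (380, 22800, 0.3, 1),
    (16, 12000, 2.2, 1),   # anomalous but shaped like normal traffic
    (390, 23500, 0.2, 0),  # benign burst shaped like the anomalous flows
]

def normalise(rows):
    """Min-max scale each feature to [0, 1] so bytes do not dominate distance."""
    lo, hi = [min(c) for c in zip(*rows)], [max(c) for c in zip(*rows)]
    return [[(v - l) / (h - l) if h > l else 0.0
             for v, l, h in zip(r, lo, hi)] for r in rows]

def kmeans2(points, max_iter=50):
    """k-means, k = 2, seeded with the first point and the point farthest from it."""
    cents = [points[0], max(points, key=lambda p: math.dist(p, points[0]))]
    assign = None
    for _ in range(max_iter):
        new = [min((0, 1), key=lambda k: math.dist(p, cents[k])) for p in points]
        if new == assign:
            break
        assign = new
        for k in (0, 1):
            members = [p for p, a in zip(points, assign) if a == k]
            if members:  # keep the old centroid if a cluster empties
                cents[k] = [sum(c) / len(members) for c in zip(*members)]
    return assign

def detect(flows):
    """Return 1 (anomalous) or 0 per flow; assumption: smaller cluster = anomalous."""
    assign = kmeans2(normalise([f[:3] for f in flows]))
    rare = min((0, 1), key=assign.count)
    return [int(a == rare) for a in assign]

def metrics(truth, pred):
    """Confusion-matrix counts and the five metrics named in the abstract."""
    pairs = list(zip(truth, pred))
    tp, fp = pairs.count((1, 1)), pairs.count((0, 1))
    fn, tn = pairs.count((1, 0)), pairs.count((0, 0))
    div = lambda a, b: a / b if b else 0.0
    return {"fpr": div(fp, fp + tn), "sensitivity": div(tp, tp + fn),
            "specificity": div(tn, tn + fp), "precision": div(tp, tp + fp),
            "classification_rate": div(tp + tn, len(pairs))}

if __name__ == "__main__":
    print(metrics([f[3] for f in FLOWS], detect(FLOWS)))
```

The two labelled edge flows are there to produce one false negative and one false positive, so the metrics differ from one another instead of all reading 1.0.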
