Authors: V. Jackins; D. Shalini Punithavathani
Addresses: Department of Information Technology, National Engineering College, Kovilpatti, Tamil Nadu, 628503, India ' Department of Computer Science and Engineering, Government College of Engineering, Tirunelveli, Tamil Nadu, 627007, India
Abstract: The numbers of hacking and intrusion incidents are high due to the increasing use of internet services and computer application. Therefore, intrusion detection systems (IDS) are inevitable in today's scenario (Koruba et al., 2017). In this paper, an unsupervised technique based on hybrid clustering algorithms is used for Anomaly detection. Incremental support vector machine (ISVM) and C means (FCM) algorithms are applied to preprocess the data set and detect the anomalies respectively. Further, the processed data is fed to the DBSCAN algorithm for further detection of anomalies. The results of the detection system are communicated to the intrusion prevention system (IPS). The proposed hybrid algorithm is applied for KDD Cup 1999 dataset and Gure Kdd Cup data base (2008) and the results show high detection rates and low false positive alarms. Further, the proposed technique performs well with a real time data in detecting anomalies with enhanced true positive rate.
Keywords: intrusion detection system; IDS; intrusion prevention system; IPS; KDD Cup 1999; Gure Kdd Cup database (2008); anomaly; clustering; network IDS.
International Journal of Enterprise Network Management, 2018 Vol.9 No.3/4, pp.251 - 260
Received: 26 Apr 2017
Accepted: 02 Nov 2017
Published online: 03 Sep 2018 *