Abstract | ||
---|---|---|
Attacks on the network are exceptional cases that are not observed in normal traffic behavior. In this work, in order to detect network attacks, using k-means algorithm a new semi-supervised anomaly detection system has been designed and implemented. During the training phase, normal samples were separated into clusters by applying k-means algorithm. Then, in order to be able to distinguish between normal and abnormal samples — according to their distances from the clustersu0027 centers and using a validation dataset-a threshold value was calculated. New samples that are far from the clustersu0027 centers more than the threshold value is detected as anomalies. We used NSL-KDD — a labelled dataset of network connection traces-for testing our methodu0027s effectiveness. The experiments result on the NSL-KDD data set, shows that we achieved an accuracy of 80.119%. |
Year | Venue | Field |
---|---|---|
2017 | SIU | Data mining,Cluster (physics),Anomaly detection,Network intrusion detection,Computer science,Threshold limit value,Anomaly-based intrusion detection system,Artificial intelligence,Cluster analysis,Intrusion detection system,Algorithm design,Pattern recognition,Algorithm,Machine learning |
DocType | Citations | PageRank |
Conference | 1 | 0.35 |
References | Authors | |
7 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
M. Elif Karsligil | 1 | 73 | 13.69 |
A. Gokhan Yavuz | 2 | 123 | 7.69 |
M. Amac Guvensan | 3 | 134 | 7.62 |
Khadija Hanifi | 4 | 1 | 0.35 |
Hasan Bank | 5 | 1 | 0.35 |