Multi-density Clustering Algorithm for Anomaly Detection Using KDD’99 Dataset

  • Conference paper
Advances in Computing and Communications (ACC 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 190))

Abstract

Anomaly detection is currently an important and active research problem in many fields and is involved in numerous applications. Handling the huge amount of data or traffic over the network is the most challenging task in the area of Intrusion Detection Systems, which identify intrusions by analyzing network traffic. We therefore require an efficient technique for detecting anomalies in network traffic that has a good detection rate with fewer false alarms and is also time efficient. Motivated by the above, in this paper we present a Multi-density Clustering Algorithm for anomaly detection (MCAD) over huge network traffic (offline statistical traffic). In this approach we have improved the Birch Clustering [1] index problem with the ADWICE (Anomaly detection with fast Incremental Clustering) [2] model using a grid index. We have used the intra-cluster distance parameter property, which can improve the quality of clusters with respect to outliers by reducing the average intra-cluster distance. So in this approach, rather than using the threshold concept when inserting a data point into a cluster, we have used cluster quality indices to insert a data point into the cluster and checked whether the cluster is being optimized or not. The method is verified by experiments with the proposed approach on the KDD’99 [3] data set, which is a standard offline data set. Experimental results illustrate a better false alarm detection rate and time efficiency with the proposed MCAD approach.

References

  1. Zhang, T., Ramakrishnan, R., Livny, M.: Birch: an efficient data clustering method for very large databases. In: SIGMOD Record 1996 ACM SIGMOD International Conference on Management of Data, pp. 103–114 (1996)

  2. Burbeck, K., Nadjm-Tehrani, S.: ADWICE – anomaly detection with real-time incremental clustering. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 407–424. Springer, Heidelberg (2005)

  3. Mahoney, M.V., Chan, P.K.: An analysis of the KDD,99 darpa/lincoln laboratory evaluation data for network anomaly detection. In: Proceedings of 6th International Symposium on Recent Advances in Intrusion Detection, pp. 220–237 (2003)

  4. Mukhrjee, B., Levitt, N.: Network Intrusion Detection. IEEE Networks 24, 26–29 (2005)

  5. Han, H., Lu, X.L., Lu, J., Bo, C.: Data mining aided signature discovery in network-based intrusion detection system. ACM SIGOPS Operating System Review 36, 7–13 (2002)

  6. Hilas, C.S., Mastorocostas, P.A.: An application of supervised and Unsupervised learning approaches to telecommunications fraud detection. ACM Journal of Knowledge-Based systems 21, 721–726 (2008)

  7. Kumar, S., Nandi, S., Biswas, S.: Research and application of one-class small hypersphere Support Vector Machine for Network anomaly detection. In: The Third International Conference on Communication System and Networks (COMSNETS), pp. 1–4 (2011)

  8. Yasami, Y., Mozaffari, S.P.: A novel unsupervised classification approach for network anomaly detection by k-means clustering and ID3 decision tree learning method. ACM Journal of Supercomputing 53, 231–245 (2010)

  9. Kanungo, T., Mount, D.M., Netanyahu, N.S.: An efficient k-Mean clustering Algorithm: Analysis and Implement. ACM/IEEE Transactions on Pattern Analysis and Machine Intelligence 24, 881–892 (2002)

  10. Hilal Inan, Z., Kuntalp, M.: A study on fuzzy C-mean clustering-based systems in automatic spike detection. ACM Journal of Computers in Biology and Medicine 37, 1160–1166 (2007)

  11. Ester, M., Kriegel, H.-P., Sander, J.: A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise. In: Proceeding on 2nd International Conference on Knowledge Discovery and Data Mining, pp. 226–231 (1996)

  12. Zhao, Y., Karypis, G.: Criterion functions for document clustering, Experiments and Analysis. Technical report, 1–130 (2002)

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kumar, S., Kumar, S., Nandi, S. (2011). Multi-density Clustering Algorithm for Anomaly Detection Using KDD’99 Dataset. In: Abraham, A., Lloret Mauri, J., Buford, J.F., Suzuki, J., Thampi, S.M. (eds) Advances in Computing and Communications. ACC 2011. Communications in Computer and Information Science, vol 190. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22709-7_60

  • DOI: https://doi.org/10.1007/978-3-642-22709-7_60

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22708-0

  • Online ISBN: 978-3-642-22709-7

  • eBook Packages: Computer Science, Computer Science (R0)
