Abstract
Anomaly detection is an important and active research problem in many fields and is involved in numerous applications. Handling a huge amount of data or traffic over the network is the most challenging task for an Intrusion Detection System that identifies intrusions by analyzing network traffic. We therefore need an efficient technique for finding anomalies in network traffic, one that has a good detection rate with fewer false alarms and is also time efficient. Motivated by this, in this paper we present a Multi-density Clustering Algorithm for anomaly detection (MCAD) over huge network traffic (offline statistical traffic). In this approach we improve on the BIRCH clustering [1] index problem with the ADWICE (Anomaly detection with fast Incremental Clustering) [2] model using a grid index. We use the intra-cluster distance property, which can improve the quality of a cluster with respect to outliers by reducing the average intra-cluster distance. So, rather than applying a threshold when a data point is inserted into a cluster, this approach uses cluster quality indices to insert a data point into the cluster and checks whether the cluster is being optimized or not. The method is verified by experiments with the proposed approach on the KDD’99 [3] data set, which is a standard offline data set. Experimental results illustrate a better false alarm detection rate and better time efficiency with the proposed MCAD approach.
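The difference between threshold-based insertion and quality-index insertion can be seen in a small added example; it is not code from the paper. The acceptance rule (insert only if the average intra-cluster distance does not grow) is one reading of the abstract, and the names `CF`, `accepts_by_threshold`, `accepts_by_quality`, the threshold `T` and the sample points are all constructed for illustration.

```python
import math

class CF:
    """BIRCH-style cluster feature: count, linear sum, sum of squared norms."""
    def __init__(self, dim):
        self.n, self.ls, self.ss = 0, [0.0] * dim, 0.0

    def added(self, x):
        """Return a new CF with point x absorbed (self is left unchanged)."""
        cf = CF(len(self.ls))
        cf.n = self.n + 1
        cf.ls = [a + b for a, b in zip(self.ls, x)]
        cf.ss = self.ss + sum(v * v for v in x)
        return cf

    def centroid(self):
        return [v / self.n for v in self.ls]

    def avg_intra_dist(self):
        """RMS pairwise distance between members, computed from the CF alone."""
        if self.n < 2:   # a singleton has no pairs; seeding rules are out of scope here
            return 0.0
        pair_sq = self.n * self.ss - sum(v * v for v in self.ls)
        return math.sqrt(max(pair_sq, 0.0) * 2 / (self.n * (self.n - 1)))

def accepts_by_threshold(cf, x, t):
    # Fixed-threshold rule: one global radius for every cluster.
    return math.dist(cf.centroid(), x) <= t

def accepts_by_quality(cf, x):
    # Assumed quality rule: accept only if the index does not get worse.
    return cf.added(x).avg_intra_dist() <= cf.avg_intra_dist()

def build(points):
    cf = CF(len(points[0]))
    for p in points:
        cf = cf.added(p)
    return cf

# Constructed sample data: one dense and one sparse cluster (two densities).
DENSE = build([(0.1, 0), (-0.1, 0), (0, 0.1), (0, -0.1)])
SPARSE = build([(12, 10), (8, 10), (10, 12), (10, 8)])
T = 1.5  # constructed global threshold

if __name__ == "__main__":
    for name, cf, x in (("dense", DENSE, (1.0, 0)), ("sparse", SPARSE, (11, 10))):
        print(name, accepts_by_threshold(cf, x, T), accepts_by_quality(cf, x))
```

Both candidate points lie at distance 1.0 from their centroid, so the fixed threshold admits both, while the quality rule rejects the one that would stretch the dense cluster and accepts the one that fits the sparse cluster.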
References
Zhang, T., Ramakrishnan, R., Livny, M.: Birch: an efficient data clustering method for very large databases. In: SIGMOD Record 1996 ACM SIGMOD International Conference on Management of Data, pp. 103–114 (1996)
Burbeck, K., Nadjm-Tehrani, S.: ADWICE – anomaly detection with real-time incremental clustering. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 407–424. Springer, Heidelberg (2005)
Mahoney, M.V., Chan, P.K.: An analysis of the KDD’99 DARPA/Lincoln Laboratory evaluation data for network anomaly detection. In: Proceedings of 6th International Symposium on Recent Advances in Intrusion Detection, pp. 220–237 (2003)
Mukhrjee, B., Levitt, N.: Network Intrusion Detection. IEEE Networks 24, 26–29 (2005)
Han, H., Lu, X.L., Lu, J., Bo, C.: Data mining aided signature discovery in network-based intrusion detection system. ACM SIGOPS Operating System Review 36, 7–13 (2002)
Hilas, C.S., Mastorocostas, P.A.: An application of supervised and Unsupervised learning approaches to telecommunications fraud detection. ACM Journal of Knowledge-Based systems 21, 721–726 (2008)
Kumar, S., Nandi, S., Biswas, S.: Research and application of one-class small hypersphere Support Vector Machine for Network anomaly detection. In: The Third International Conference on Communication System and Networks (COMSNETS), pp. 1–4 (2011)
Yasami, Y., Mozaffari, S.P.: A novel unsupervised classification approach for network anomaly detection by k-means clustering and ID3 decision tree learning method. ACM Journal of Supercomputing 53, 231–245 (2010)
Kanungo, T., Mount, D.M., Netanyahu, N.S.: An efficient k-Mean clustering Algorithm: Analysis and Implement. ACM/IEEE Transactions on Pattern Analysis and Machine Intelligence 24, 881–892 (2002)
Hilal Inan, Z., Kuntalp, M.: A study on fuzzy C-mean clustering-based systems in automatic spike detection. ACM Journal of Computers in Biology and Medicine 37, 1160–1166 (2007)
Ester, M., Kriegel, H.-P., Sander, J.: A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise. In: Proceeding on 2nd International Conference on Knowledge Discovery and Data Mining, pp. 226–231 (1996)
Zhao, Y., Karypis, G.: Criterion functions for document clustering, Experiments and Analysis. Technical report, 1–130 (2002)
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kumar, S., Kumar, S., Nandi, S. (2011). Multi-density Clustering Algorithm for Anomaly Detection Using KDD’99 Dataset. In: Abraham, A., Lloret Mauri, J., Buford, J.F., Suzuki, J., Thampi, S.M. (eds) Advances in Computing and Communications. ACC 2011. Communications in Computer and Information Science, vol 190. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22709-7_60
DOI: https://doi.org/10.1007/978-3-642-22709-7_60
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22708-0
Online ISBN: 978-3-642-22709-7
eBook Packages: Computer Science, Computer Science (R0)