A Clustering Algorithm for Detecting DDoS Attacks in Networks

International Journal of Recent Engineering Science (IJRES)
© 2014 by IJRES Journal
Volume-1 Issue-1
Year of Publication : 2014
Authors : Dr.K.Sarmila, G.Kavin
DOI : 10.14445/23497157/IJRES-V1I1P105

How to Cite?

Dr.K.Sarmila, G.Kavin, "A Clustering Algorithm for Detecting DDoS Attacks in Networks," International Journal of Recent Engineering Science, vol. 1, no. 1, pp. 24-30, 2014. Crossref, https://doi.org/10.14445/23497157/IJRES-V1I1P105

Abstract
As the number of networked computers grows, an intrusion detection system becomes an essential component in keeping networks secure. Recently, data mining methods have gained importance in addressing network security issues, including network intrusion detection, a challenging task in network security. Intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. The most widely deployed and commercially available methods for intrusion detection employ signature-based detection. However, they are intrinsically unable to detect unknown intrusions that do not match the signatures, and acquiring the signatures consumes a great deal of cost and time. To cope with these problems, many researchers have proposed various kinds of algorithms based on unsupervised learning techniques. In this paper, we present a novel clustering-based intrusion detection algorithm, unsupervised anomaly detection, which trains on unlabeled data in order to detect intrusions and to improve the detection rate while maintaining a low false positive rate. We evaluated our method using the 2000 DARPA Intrusion Detection Scenario Specific Data Set.

Keywords
Anomaly detection, heuristic clustering, true positive rate, false positive rate.
