- Turkish Journal of Electrical Engineering and Computer Science
- Volume:25 Issue:3
Intrusion detection in network flows based on an optimized clustering criterion
Authors : JABER KARIMPOUR, SHAHRIAR LOTFI, ALIAKBAR TAJARI SIAHMARZKOOH
Pages : 1963-1975
Publication Date : 0000-00-00
Article Type : Research Paper
Abstract : Graph-based intrusion detection approaches consider the network as a graph and detect anomalies based on graph metrics. However, most of these approaches succumb to the cluster-based behavior of the anomalies. To resolve this problem in our study, we use flow and graph-clustering concepts to create a data set first. A new criterion related to the average weight of clusters is then defined and a model is proposed to detect attacks based on the above-mentioned criterion. Finally, the model is evaluated using a DARPA data set. Results show that the proposed approach detects the attacks with high accuracy relative to methods described in previous studies.
Keywords : Attack, DARPA data set, flow, graph clustering, intrusion detection