Network traffic clustering for intrusion detection
- 10.2991/itsmssm-17.2017.53
- intrusion detection, network attack, clustering, k-means method, efficiency, errors of intrusion detection
The problem of detecting network attacks is considered. Clustering of network packets is proposed for detecting anomalies in network traffic. Anomalies may indicate that a network attack is being carried out. The clustering algorithm used is the k-means method. It has a number of parameters whose choice affects the speed and accuracy of network attack detection. A software package that implements different variants of the k-means parameter values has been developed. With the help of this software package, experimental studies are carried out. During the experiments, the accuracy of detecting simulated network attacks and the operating speed of the software package are determined. Based on the results, the most effective set of k-means parameters for network attack detection is proposed.
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Arina Nikishova
AU - Irina Ananina
AU - Evgeny Ananin
PY - 2017/12
DA - 2017/12
TI - Network traffic clustering for intrusion detection
BT - Proceedings of the IV International research conference "Information technologies in Science, Management, Social sphere and Medicine" (ITSMSSM 2017)
PB - Atlantis Press
SP - 252
EP - 256
SN - 2352-538X
UR - https://doi.org/10.2991/itsmssm-17.2017.53
DO - 10.2991/itsmssm-17.2017.53
ID - Nikishova2017/12
ER -