Proceedings of the IV International research conference "Information technologies in Science, Management, Social sphere and Medicine" (ITSMSSM 2017)

Network traffic clustering for intrusion detection

Authors
Arina Nikishova, Irina Ananina, Evgeny Ananin
Corresponding Author
Arina Nikishova
Available Online December 2017.
DOI
https://doi.org/10.2991/itsmssm-17.2017.53
Keywords
intrusion detection, network attack, clustering, k-means method, efficiency, errors of intrusion detection
Abstract
The problem of detecting network attacks is considered. It is proposed to use clustering of network packets to detect anomalies in network traffic. Anomalies may indicate that a network attack is being carried out. The clustering algorithm used is the k-means method. It has a number of parameters, the choice of which affects the speed and accuracy of network attack detection. A software package that implements different variants of the k-means method's parameter values has been developed. With the help of the software package, experimental studies were carried out. During the experiments, the accuracy of detecting simulated network attacks and the operating speed of the software package were determined. Based on the results, the most effective set of k-means method parameters for network attack detection is proposed.
Open Access
This is an open access article distributed under the CC BY-NC license.

Cite this article

TY  - CONF
AU  - Arina Nikishova
AU  - Irina Ananina
AU  - Evgeny Ananin
PY  - 2017/12
DA  - 2017/12
TI  - Network traffic clustering for intrusion detection
BT  - IV International research conference "Information technologies in Science, Management, Social sphere and Medicine" (ITSMSSM 2017)
PB  - Atlantis Press
SP  - 252
EP  - 256
SN  - 2352-538X
UR  - https://doi.org/10.2991/itsmssm-17.2017.53
DO  - https://doi.org/10.2991/itsmssm-17.2017.53
ID  - Nikishova2017/12
ER  -