ANIDS: Anomaly network intrusion detection system using hierarchical clustering technique

Abstract

The Intrusion detection system (IDS) is an important tool to detect the unauthorized use of computer network and to provide the security for information. The IDS consists of two types signature-based (S-IDS) and anomaly-based (A-IDS) detection system. S-IDS detect only known attacks whereas A-IDSs are capable to detect unknown attacks. In this paper, we are focusing on A-IDS. The proposed system is Anomaly network intrusion detection system (ANIDS). The ANIDS is implemented using metaheuristic method, genetic algorithm and clustering techniques. The two different clustering techniques are used i.e. K-mean clustering and hierarchical clustering to check the performance of system in terms of false positive rate (FPR) and detector generation time (DGT). The system includes modules like input dataset, preprocessing on input dataset, clustering and selection of sample training dataset, testing dataset, and performance analysis using training and testing dataset. The experimental results are calculated based on large-scale dataset, i.e., NSL-KDD for detector generation time and false positive rate (FPR). Our proposed technique gives better result for false positive rate and detector generation time as compared to K-means clustering technique.