Dynamic Evolving Cauchy Possibilistic Clustering Based on the Self-Similarity Principle (DECS) for Enhancing Intrusion Detection System

Abstract

Unsupervised machine learning plays a critical role in improving the security level of applications and systems. The cyberattack floods the network with data streams to deny services or destroy the network infrastructure. In this paper, a new development strategy (dynamic evolving cauchy possibilistic clustering based on the self-similarity principle (DECS)) is proposed to optimize the data stream clustering model based on the self-similarity principles (inter-cluster and intra-cluster). It is based on computing the self-similarity principles for data between and within clusters. The proposed system mitigates the dependence on the centre of the cluster to produce clusters with highly correlated data and minimal errors within the same cluster. The DECS consists of two phases: In the first phase, the data are clustered based on density points to generate clusters, and in the second phase, the clusters are evolved according to the inter-and intra-distance points to/in the clusters. The proposed model is tested on well-known intrusion datasets such as UNSW-NB15, KDD99 and NSL-KDD. In the experiments, DECS efficiently clustered the data with fewer errors and an optimal number of clusters compared to other models, it has achieved minimum error, high silhouette coefficient and an optimal number of clusters. The implementation results show that the average error of DECS over eight datasets is (0.45) with an average silhouette coefficient (0.63). At the same time, the pure cauchy possibilistic clustering obtains on average error (0.69) and silhouette coefficient (0.44).