Adaptive Intrusion Detection Based on KSVMeans Algorithm

Abstract

Dependency of organisations and individuals on network based systems is growing day by day. The growth of complex computer networks augments the vulnerability of systems. This ever growing connectivity of systems gives more access to attackers and makes it even more difficult for security analysts to protect their system. Assuring secure and reliable operation of networks has become a priority research area these days. Protection techniques of network have not kept up with the increasing threat. Traditional defence mechanisms such as user authentication, data encryption, avoiding programming loopholes and firewalls are used as the first line of defence against attacks. Different types of counter measures are being devised every day. Intrusion detection system (IDS) is a relatively novel technology. Intrusion detection system identifies patterns of known intrusions (misuse detection) or differentiates anomalous network data from normal data (anomaly detection). The information collected by IDS is used for safeguarding the systems. In this research work, a novel Intrusion Detection System (IDS) architecture is proposed. It includes both anomaly and misuse detection approaches. The framework of hybrid intrusion detection system has been proposed. The major emphasis is on the anomaly detection module of the IDS. This module implements a hybrid machine learning algorithm called k-support vector means clustering algorithm. The live network traffic used as an input for the algorithm is captured by Wireshark. The algorithm clusters the network traffic into normal and anomalous packets.