TAILIEUCHUNG - The impact of distance metrics on K-means clustering algorithm using in network intrusion detection data

This paper aimed to evaluate the impact of Euclidean and Manhattan distance metrics on Kmeans algorithm using for clustering KDD cup99 intrusion detection data. Experimental results indicate that Manhattan distance metric performs better in terms of performance evaluation metrics than Euclidean distance metric. | International Journal of Computer Networks and Communications Security VOL. 3, NO. 5, MAY 2015, 225–228 Available online at: E-ISSN 2308-9830 (Online) / ISSN 2410-0595 (Print) The Impact of Distance Metrics on K-means Clustering Algorithm Using in Network Intrusion Detection Data HADI NASOOTI1, MARZIEH AHMADZADEH2, MANIJEH KESHTGARY3 and S. VAHID FARRAHI4 1, 2, 3, 4 Shiraz University of Technology, Department of Computer Engineering and IT, Shiraz, Iran E-mail: , 2ahmadzadeh@ ABSTRACT A Network Intrusion Detection System (NIDS) can detect suspicious activities that aimed to harm the network. Since, NIDS help us to keep the networks safer many researchers are motivated to propose more accurate NIDS. K-means clustering algorithm is a distance-based algorithm which widely used in IDS research area. This paper aimed to evaluate the impact of Euclidean and Manhattan distance metrics on Kmeans algorithm using for clustering KDD cup99 intrusion detection data. Experimental results indicate that Manhattan distance metric performs better in terms of performance evaluation metrics than Euclidean distance metric. Keywords: K-means Clustering, Network Intrusion Detection, Euclidean Distance, Manhattan Distance, Data Mining. 1 INTRODUCTION In computer security a threat is a possible danger that might use the system vulnerabilities in order to harm the system. An Intrusion Detection System (IDS) can detect suspicious activities that aimed to harm the network. So, an IDS can help network administrators and organizations to keep their networks safer. Up to now, the researchers are motivated in network and information security research area [1] because computer networks have many vulnerabilities and IDS can protect them from intruders. IDS can be classified into two major categories [2, 3]: Misuse-based Intrusion Detection System (MIDS) and Anomaly-based Intrusion Detection System (AIDS). The major difference between these two .

• Kỹ thuật lập trình
• International Journal of Computer Networks and Communications Security
• Distance metrics on K means clustering algorithm
• Network intrusion detection data
• Performance evaluation metrics
• Euclidean distance metric
• Securing the sip communications with XML security mechanisms
• VoIP application awareness
• Question of confidentiality and integrity
• Client authentication and data confidentiality
• Proposing minimum performance of proposed topology
• Plateau State University
• Computer networks and Communications Security
• Performance evaluation of manet protocols in communications
• Management of robots in simulation modelling
• Manet protocols in communications
• End To End Delay
• Show network optimization rate including PDR
• Deployment of voip communications in B&A spy agency
• Design and implementation
• Voip communications in B&A spy agency
• VoIP simulated in OPNET
• Proposed architecture and protocol stack for improving QoS
• Wide vehicular communications
• Vehicle to Vehicle
• An enhanced data security with compression for manets
• Enhanced data security
• Self organizing networks
• Wireless local area network security enhancement through penetration testing
• WLANs to achieve
• The frame security
• The standard network security
• Increasing the lifetime of wireless sensor networks
• Selforganizing map algorithm
• Wireless sensor networks
• Self organizing map neural networks
• Cloud computing architecture
• Wireless sensor networks for agricultural applications
• Wireless sensor actor networks
• Adaptive scheme for outliers detection in wireless sensor networks
• The Quality of Service
• Given sensor networks
• Infrared sensor and FBUS technology
• House security system based on mobile phone
• House security system
• Secure the place
• Potential applications of linear wireless sensor networks
• Linear wireless sensor networks
• LWSN in various applications
• LWSN in network topology
• Time dependent finite state machine
• Method for intrusion detection in mobile ad hoc networks
• Mobile ad hoc networks
• Malicious behavior in AODV
• Performance analysis of multimedia traffic
• MPLS communication networks with traffic engineering
• MPLS communication networks
• Conventional IP network
• Inter cluster communication in wireless sensor networks
• Inter cluster communication
• Carrying out efficient diffusion
• Cluster merging and cluster diffusion
• An optimized model for transition from Ipv4 to Ipv6 networks
• Cloud computing environment
• Ipv4 to Ipv6 networks
• Identical traffic and network loads
• The optical communications
• Simulating an optical high debit transmission chain
• Optisystem with comparison of optical windows
• Comparison of optical windows
• New unicast routing algorithm for load balancing
• Multigateway wireless mesh networks
• Negative percent algorithms
• Wireless mesh networks
• Detection of service attack
• Defense against distributed denial of service attack
• Packet filtration in wireless sensor networks
• An advance security technique challenges to government
• Wireless sensor network for health
• Emphasize ongoing treatment challenges
• Wireless sensor network
• Medical information systems
• The security of information in financial transactions via mobile
• Financial transactions via mobile
• Implement a particular algorithm
• A comprehensive approach to security requirements engineering
• Incorporating the strengths
• Best practices found
• Evaluation of security function of flipora plug in on browsers
• Flipora plug in on browsers
• Plug in in upon
• Flipora plug in
• Multi perspective analysis framework
• Multi level analysis framework
• Network security situational awareness
• Multi data analyzing researc
• Improving security and performance in the tor network
• The tor network
• IP hidden in the server