Global and local clustering soft assignment for intrusion detection system: a comparative study
Intrusion Detection System (IDS) plays an important role in computer network defence mechanism against malicious objects. The ability of IDS to detect new sophisticated attacks compared to traditional method such as firewall is important to secure the network. Machine Learning algorithm such as unsu...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Penerbit Universiti Kebangsaan Malaysia
2017
|
| Online Access: | http://journalarticle.ukm.my/11843/ http://journalarticle.ukm.my/11843/ http://journalarticle.ukm.my/11843/1/16798-54961-1-PB.pdf |
| id |
ukm-11843 |
|---|---|
| recordtype |
eprints |
| spelling |
ukm-118432018-07-09T04:05:09Z http://journalarticle.ukm.my/11843/ Global and local clustering soft assignment for intrusion detection system: a comparative study Mohd Rizal Kadis, Azizi Abdullah, Intrusion Detection System (IDS) plays an important role in computer network defence mechanism against malicious objects. The ability of IDS to detect new sophisticated attacks compared to traditional method such as firewall is important to secure the network. Machine Learning algorithm such as unsupervised learning and supervised learning is capable to solve the problem of classification in IDS. To achieve that, KDD Cup 99 dataset is used in experiments. This dataset contains 5 million instances with 5 different categories which are Normal, DOS, U2R, R2L and Probe. With such a large dataset, the learning process consumes a lot of processing times and resources. Clustering is unsupervised learning method that can be used for organizing data by grouping similar features into same group. In literature, many researchers used global clustering approach whereby all input will be combined and clustered to construct a codebook. However, there is an alternative technique namely local clustering approach whereby the input will be split into 5 different categories and clustered independently to construct 5 different codebooks. The main objective of this research is to compare the classification performance between the global and local clustering approaches. For this purpose, the soft assignment approach is used for indexing on KDD input and SVM for classification. In the soft assignment approach, the smallest distance values are used for attack description and RBF kernel for SVM to classify attack. The results show that the global clustering approach outperforms the local clustering approach for binary classification. It gives 83.0% of the KDD Cup 99 dataset. However, the local clustering approach outperforms the global clustering approach on multi-class classification problem. It gives 60.6% of the KDD Cup 99 dataset. Penerbit Universiti Kebangsaan Malaysia 2017-06 Article PeerReviewed application/pdf en http://journalarticle.ukm.my/11843/1/16798-54961-1-PB.pdf Mohd Rizal Kadis, and Azizi Abdullah, (2017) Global and local clustering soft assignment for intrusion detection system: a comparative study. Asia-Pacific Journal of Information Technology and Multimedia, 6 (1). pp. 57-67. ISSN 2289-2192 http://ejournal.ukm.my/apjitm/issue/view/899 |
| repository_type |
Digital Repository |
| institution_category |
Local University |
| institution |
Universiti Kebangasaan Malaysia |
| building |
UKM Institutional Repository |
| collection |
Online Access |
| language |
English |
| description |
Intrusion Detection System (IDS) plays an important role in computer network defence mechanism against malicious objects. The ability of IDS to detect new sophisticated attacks compared to traditional method such as firewall is important to secure the network. Machine Learning algorithm such as unsupervised learning and supervised learning is capable to solve the problem of classification in IDS. To achieve that, KDD Cup 99 dataset is used in experiments. This dataset contains 5 million instances with 5 different categories which are Normal, DOS, U2R, R2L and Probe. With such a large dataset, the learning process consumes a lot of processing times and resources. Clustering is unsupervised learning method that can be used for organizing data by grouping similar features into same group. In literature, many researchers used global clustering approach whereby all input will be combined and clustered to construct a codebook. However, there is an alternative technique namely local clustering approach whereby the input will be split into 5 different categories and clustered independently to construct 5 different codebooks. The main objective of this research is to compare the classification performance between the global and local clustering approaches. For this purpose, the soft assignment approach is used for indexing on KDD input and SVM for classification. In the soft assignment approach, the smallest distance values are used for attack description and RBF kernel for SVM to classify attack. The results show that the global clustering approach outperforms the local clustering approach for binary classification. It gives 83.0% of the KDD Cup 99 dataset. However, the local clustering approach outperforms the global clustering approach on multi-class classification problem. It gives 60.6% of the KDD Cup 99 dataset. |
| format |
Article |
| author |
Mohd Rizal Kadis, Azizi Abdullah, |
| spellingShingle |
Mohd Rizal Kadis, Azizi Abdullah, Global and local clustering soft assignment for intrusion detection system: a comparative study |
| author_facet |
Mohd Rizal Kadis, Azizi Abdullah, |
| author_sort |
Mohd Rizal Kadis, |
| title |
Global and local clustering soft assignment for intrusion detection system: a comparative study |
| title_short |
Global and local clustering soft assignment for intrusion detection system: a comparative study |
| title_full |
Global and local clustering soft assignment for intrusion detection system: a comparative study |
| title_fullStr |
Global and local clustering soft assignment for intrusion detection system: a comparative study |
| title_full_unstemmed |
Global and local clustering soft assignment for intrusion detection system: a comparative study |
| title_sort |
global and local clustering soft assignment for intrusion detection system: a comparative study |
| publisher |
Penerbit Universiti Kebangsaan Malaysia |
| publishDate |
2017 |
| url |
http://journalarticle.ukm.my/11843/ http://journalarticle.ukm.my/11843/ http://journalarticle.ukm.my/11843/1/16798-54961-1-PB.pdf |
| first_indexed |
2023-09-18T20:01:16Z |
| last_indexed |
2023-09-18T20:01:16Z |
| _version_ |
1777406864542138368 |