Intrusion detection system using hybrid GSA-k-Means
Security is an important aspect in our daily life. Intrusion Detection Systems (IDS) are developed to be the defense against security threats. Current signature based IDS like firewalls and antiviruses, which rely on labeled training data, generally cannot detect novel attacks. The purpose of this s...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2013
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/78118/1/BibiMasoomehAslahiMFC20131.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-utm-ep.78118 |
---|---|
record_format |
uketd_dc |
spelling |
my-utm-ep.781182018-07-25T08:17:37Z Intrusion detection system using hybrid GSA-k-Means 2013-01 Aslahi, Bibi Masoomeh QA75 Electronic computers. Computer science Security is an important aspect in our daily life. Intrusion Detection Systems (IDS) are developed to be the defense against security threats. Current signature based IDS like firewalls and antiviruses, which rely on labeled training data, generally cannot detect novel attacks. The purpose of this study is to improve the performance of IDS in terms of detection accuracy and reduce False Alarm Rate (FAR). Clustering is an important task in data mining that is used in IDS applications to detect novel attacks. Clustering refers to grouping together data objects so that objects within a cluster are similar to one another, while objects in different clusters are dissimilar. K-Means is a simple and efficient algorithm that is widely used for data clustering. However, its performance depends on the initial state of centroids and may trap in local optima. The Gravitational Search Algorithm (GSA) is one effective method for searching problem space to find a near optimal solution. In this study, a hybrid approach based on GSA and k-Means (GSA-kMeans), which uses the advantages of both algorithms, is presented. The performance of GSA-kMeans is compared with other well-known algorithms, including k-Means and Gravitational Search Algorithm (GSA). Experimental results on the KDDCup 1999 dataset have demonstrated that the proposed method is more efficient in the detection of intrusive behavior than conventional k-Means and standard GSA which shows 80.62% detection accuracy and 7.45% FAR. 2013-01 Thesis http://eprints.utm.my/id/eprint/78118/ http://eprints.utm.my/id/eprint/78118/1/BibiMasoomehAslahiMFC20131.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:82652 masters Universiti Teknologi Malaysia, Faculty of Computing Faculty of Computing |
institution |
Universiti Teknologi Malaysia |
collection |
UTM Institutional Repository |
language |
English |
topic |
QA75 Electronic computers Computer science |
spellingShingle |
QA75 Electronic computers Computer science Aslahi, Bibi Masoomeh Intrusion detection system using hybrid GSA-k-Means |
description |
Security is an important aspect in our daily life. Intrusion Detection Systems (IDS) are developed to be the defense against security threats. Current signature based IDS like firewalls and antiviruses, which rely on labeled training data, generally cannot detect novel attacks. The purpose of this study is to improve the performance of IDS in terms of detection accuracy and reduce False Alarm Rate (FAR). Clustering is an important task in data mining that is used in IDS applications to detect novel attacks. Clustering refers to grouping together data objects so that objects within a cluster are similar to one another, while objects in different clusters are dissimilar. K-Means is a simple and efficient algorithm that is widely used for data clustering. However, its performance depends on the initial state of centroids and may trap in local optima. The Gravitational Search Algorithm (GSA) is one effective method for searching problem space to find a near optimal solution. In this study, a hybrid approach based on GSA and k-Means (GSA-kMeans), which uses the advantages of both algorithms, is presented. The performance of GSA-kMeans is compared with other well-known algorithms, including k-Means and Gravitational Search Algorithm (GSA). Experimental results on the KDDCup 1999 dataset have demonstrated that the proposed method is more efficient in the detection of intrusive behavior than conventional k-Means and standard GSA which shows 80.62% detection accuracy and 7.45% FAR. |
format |
Thesis |
qualification_level |
Master's degree |
author |
Aslahi, Bibi Masoomeh |
author_facet |
Aslahi, Bibi Masoomeh |
author_sort |
Aslahi, Bibi Masoomeh |
title |
Intrusion detection system using hybrid GSA-k-Means |
title_short |
Intrusion detection system using hybrid GSA-k-Means |
title_full |
Intrusion detection system using hybrid GSA-k-Means |
title_fullStr |
Intrusion detection system using hybrid GSA-k-Means |
title_full_unstemmed |
Intrusion detection system using hybrid GSA-k-Means |
title_sort |
intrusion detection system using hybrid gsa-k-means |
granting_institution |
Universiti Teknologi Malaysia, Faculty of Computing |
granting_department |
Faculty of Computing |
publishDate |
2013 |
url |
http://eprints.utm.my/id/eprint/78118/1/BibiMasoomehAslahiMFC20131.pdf |
_version_ |
1747817911387422720 |