Network Intrusion Detection Using Machine Learning Anomaly Detection Algorithms
25th Signal Processing and Communications Applications Conference (SIU), Antalya, Türkiye, 15 - 18 May 2017, (Full-Text Paper)
- Publication Type: Conference Paper / Full-Text Paper
- DOI Number: 10.1109/siu.2017.7960616
- City of Publication: Antalya
- Country of Publication: Türkiye
- Affiliated with Yıldız Teknik Üniversitesi: Yes
Abstract
Attacks on a network are exceptional cases that are not observed in normal traffic behavior. In this work, a new semi-supervised anomaly detection system based on the k-means algorithm was designed and implemented to detect network attacks. During the training phase, normal samples were separated into clusters by applying the k-means algorithm. Then, a threshold value was calculated using a validation dataset so that normal and abnormal samples could be distinguished according to their distances from the cluster centers. New samples whose distance from the cluster centers exceeds the threshold value are detected as anomalies. We used NSL-KDD, a labelled dataset of network connection traces, to test our method's effectiveness. The experimental results on the NSL-KDD dataset show that we achieved an accuracy of 80.119%.
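The pipeline the abstract describes, as an added sketch that is not the paper's code: k-means is fitted on normal samples only, a distance threshold is chosen on a labelled validation set, and new samples are flagged when their distance to the nearest center exceeds it. The threshold rule (best validation accuracy), `k=2`, and the 2-D feature vectors are assumptions constructed for illustration; they are not NSL-KDD data.

```python
import math
import random

def nearest_dist(x, centers):
    """Distance from sample x to its closest cluster center."""
    return min(math.dist(x, c) for c in centers)

def kmeans(samples, k, iters=20, seed=0):
    """Plain Lloyd's k-means, fitted on normal-only training samples."""
    rng = random.Random(seed)
    centers = rng.sample(samples, k)
    for _ in range(iters):
        groups = [[] for _ in range(k)]
        for x in samples:
            idx = min(range(k), key=lambda i: math.dist(x, centers[i]))
            groups[idx].append(x)
        # Recompute each center as its cluster mean; keep it if the cluster is empty.
        centers = [tuple(sum(col) / len(g) for col in zip(*g)) if g else centers[i]
                   for i, g in enumerate(groups)]
    return centers

def pick_threshold(centers, validation):
    """Assumed rule: the candidate distance giving the best validation accuracy."""
    scored = [(nearest_dist(x, centers), label) for x, label in validation]
    def accuracy(t):
        return sum((d > t) == label for d, label in scored) / len(scored)
    return max(sorted(d for d, _ in scored), key=accuracy)

def is_anomaly(x, centers, threshold):
    """Flag a sample lying farther than the threshold from every center."""
    return nearest_dist(x, centers) > threshold

def demo():
    """Constructed data: two normal traffic modes plus labelled outliers."""
    rng = random.Random(1)
    def blob(cx, cy, n):
        return [(rng.gauss(cx, 0.5), rng.gauss(cy, 0.5)) for _ in range(n)]
    train = blob(0, 0, 100) + blob(10, 10, 100)          # normal only
    validation = ([(x, False) for x in blob(0, 0, 20) + blob(10, 10, 20)]
                  + [(x, True) for x in blob(5, 5, 10) + blob(0, 10, 10)])
    centers = kmeans(train, k=2)
    return centers, pick_threshold(centers, validation)
```

Because only normal traffic is clustered, an attack type absent from the validation set can still be flagged, but the threshold inherits whatever bias the validation labels carry.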