An Analysis of K-means Algorithm Based Network Intrusion Detection System

Aung, Yi Yi; Min, Myat Myat

doi:10.25046/aj030160

Cited by 20 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since the K-means algorithm always converges, K-means can always reach a steady state in a finite number of steps, i.e., the clustering centres will not change again [14][15][16]. Since changes in the clustering centres often occur in the course of the previous iterations, in order to optimise the time complexity of the algorithm, the iterative process can usually be stopped and the results can be output directly when only more than 99% of the data points belong to clusters that no longer change.…”

Section: Clustering Analysis Of Student Behaviour Using the K-means A...mentioning

confidence: 99%

Challenges and Strategies of Student Management in Universities in the Context of Big Data

Zhang

2022

Mobile Information Systems

View full text Add to dashboard Cite

As the most active and knowledge-intensive university, the forefront of the use of network information technology, the education, management, and service mode of the school, and the ideology, learning methods, and behavioural habits of teachers and students will be profoundly affected by the era of big data. The current form of student management in universities is too old and needs to be replaced by a new management system. With the promotion of the construction of smart campus, the rapid development of big data technology has realised the innovation of student management in colleges and universities. This paper takes students of Wuhan University as the research object. By collecting various application data in the campus information system, the K-means algorithm in cluster analysis is used to classify students’ campus behavioural characteristics, and then the Apriori algorithm is used to correlate students’ behavioural characteristics with their academic performance. The experimental results show that there is a close relationship between the consumption behaviour, work and rest behaviour, study behaviour characteristics of different student groups, and their academic performance. Using the results of these analyses, universities can adopt differentiated management measures for different categories of students, which can help improve students’ academic performance as well as further enhance the efficiency of student management.

show abstract

Section: Clustering Analysis Of Student Behaviour Using the K-means A...mentioning

confidence: 99%

Challenges and Strategies of Student Management in Universities in the Context of Big Data

Zhang

2022

Mobile Information Systems

View full text Add to dashboard Cite

show abstract

“…processing layers generated by multilayer perception mechanisms [3]. Computer vision [4], speech recognition [5], natural language processing [6], biomedicine [7], and malicious code detection [8], as well as several other fields, have been applied to deep learning. Studies on deep learning in network security have steadily appeared since 2015, drawing broad interest from academic circles.…”

Section: Local Outlier Factormentioning

confidence: 99%

Intrusion Detection Models Using Supervised and Unsupervised Algorithms - A Comparative Estimation

Sirisha¹,

Chaitanya²,

Krishna³

et al. 2021

IJSSE

View full text Add to dashboard Cite

Intrusion Detection is a protection device that tracks and identifies inappropriate network behaviors. Several computer simulation methods for identifying network infiltrations have been suggested. The existing mechanisms are not adequate to cope with network protection threats that expand exponentially with Internet use. Unbalanced groups are one of the issues with datasets. This paper outlines the implementation and study on classification and identification of anomaly in different machine learning algorithms for network dependent intrusion. A number of balanced and unbalanced data sets are known as benchmarks for assessments by NSLKDD and CICIDS. For deciding the right range of options for app collection is the Random Forest Classifier. The chosen logistic regression, decision trees, random forest, naive bayes, nearest neighbors, K-means, isolation forest, locally-based outliers are a group of algorithms that have been monitored and unmonitored for their use. Results from implementations reveal that Random Forest beats the other approaches for supervised learning, though K-Means does better than others.

show abstract

“…Additionally, the two classical IDS implementation methods are Network Intrusion Detection Systems (NIDS) ( Mirsky et al, 2018 ) and Host-based IDS (HIDS) ( Aung & Min, 2018 ). A HIDS detection method monitors and detects internal attacks using the data from audit sources and host systems like firewall logs, database logs, application system audits, window server logs, and operating systems ( Khraisat et al, 2019 ).…”

Section: Introductionmentioning

confidence: 99%

A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)

Jaw

Wang

2022

PeerJ Computer Science

View full text Add to dashboard Cite

The rapid advanced technological development alongside the Internet with its cutting-edge applications has positively impacted human society in many aspects. Nevertheless, it equally comes with the escalating privacy and critical cybersecurity concerns that can lead to catastrophic consequences, such as overwhelming the current network security frameworks. Consequently, both the industry and academia have been tirelessly harnessing various approaches to design, implement and deploy intrusion detection systems (IDSs) with event correlation frameworks to help mitigate some of these contemporary challenges. There are two common types of IDS: signature and anomaly-based IDS. Signature-based IDS, specifically, Snort works on the concepts of rules. However, the conventional way of creating Snort rules can be very costly and error-prone. Also, the massively generated alerts from heterogeneous anomaly-based IDSs is a significant research challenge yet to be addressed. Therefore, this paper proposed a novel Snort Automatic Rule Generator (SARG) that exploits the network packet contents to automatically generate efficient and reliable Snort rules with less human intervention. Furthermore, we evaluated the effectiveness and reliability of the generated Snort rules, which produced promising results. In addition, this paper proposed a novel Security Event Correlator (SEC) that effectively accepts raw events (alerts) without prior knowledge and produces a much more manageable set of alerts for easy analysis and interpretation. As a result, alleviating the massive false alarm rate (FAR) challenges of existing IDSs. Lastly, we have performed a series of experiments to test the proposed systems. It is evident from the experimental results that SARG-SEC has demonstrated impressive performance and could significantly mitigate the existing challenges of dealing with the vast generated alerts and the labor-intensive creation of Snort rules.

show abstract

An Analysis of K-means Algorithm Based Network Intrusion Detection System

Cited by 20 publications

References 6 publications

Challenges and Strategies of Student Management in Universities in the Context of Big Data

Challenges and Strategies of Student Management in Universities in the Context of Big Data

Intrusion Detection Models Using Supervised and Unsupervised Algorithms - A Comparative Estimation

A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC)

Contact Info

Product

Resources

About