Comparative Analysis Of K-Means Data Mining and Outlier Detection Approach for Network-Based Intrusion Detection

International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 4, April 2018

16 Pages Posted: 20 Dec 2019

See all articles by Lazarus Kwao

Lazarus Kwao

Ghana Baptist University College; University of Electronic Science and Technology of China (UESTC)

Joseph Kobina Panford

Kwame Nkrumah University of Science and Technology (KNUST)

James Ben Hayfron-Acquah

Kwame Nkrumah University of Science and Technology (KNUST)

Date Written: April 4, 2018

Abstract

New kind of intrusions causes deviation in the normal behaviour of traffic flow in computer networks every day. This study focused on enhancing the learning capabilities of IDS to detect the anomalies present in a network traffic flow by comparing the k-means approach of data mining for intrusion detection and the outlier detection approach. The k-means approach uses clustering mechanisms to group the traffic flow data into normal and abnormal clusters. Outlier detection calculates an outlier score (neighbourhood outlier factor NOF) for each flow record, whose value decides whether a traffic flow is normal or abnormal. These two methods were then compared in terms of various performance metrics and the amount of computer resources consumed by them. Overall, k-means was more accurate and precise and has better classification rate than outlier detection in intrusion detection using traffic flows. This will help systems administrators in their choice of IDS.

Suggested Citation

Kwao, Lazarus and Panford, Joseph Kobina and Hayfron-Acquah, James Ben, Comparative Analysis Of K-Means Data Mining and Outlier Detection Approach for Network-Based Intrusion Detection (April 4, 2018). International Journal of Computer Science and Information Security (IJCSIS), Vol. 16, No. 4, April 2018. Available at SSRN: https://ssrn.com/abstract=3498169 or http://dx.doi.org/10.2139/ssrn.3498169

Lazarus Kwao (Contact Author)

Ghana Baptist University College ( email )

PMB
Amakom
Kumasi
Ghana

University of Electronic Science and Technology of China (UESTC) ( email )

No.4, Section 2, North Jianshe Road
Chengdu, Chengdu
China

Joseph Kobina Panford

Kwame Nkrumah University of Science and Technology (KNUST) ( email )

Faculty of Law
Faculty of Law
Kumasi, Ashanti Region +233
Ghana

James Ben Hayfron-Acquah

Kwame Nkrumah University of Science and Technology (KNUST) ( email )

Faculty of Law
Faculty of Law
Kumasi, Ashanti Region +233
Ghana

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
6
Abstract Views
63
PlumX Metrics