Security and Communication Networks
Volume 2018, Article ID 3614093, 17 pages
https://doi.org/10.1155/2018/3614093
Research Article

Network Intrusion Detection with Threat Agent Profiling

Faculty of Science, Pavol Jozef Šafárik University in Košice, Košice, Slovakia

Correspondence should be addressed to Pavol Sokol; pavol.sokol@upjs.sk

Received 13 November 2017; Accepted 8 February 2018; Published 25 March 2018

Academic Editor: Jesús Díaz-Verdejo

Copyright © 2018 Tomáš Bajtoš et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. S. Dua and X. Du, Data Mining and Machine Learning in Cybersecurity, CRC Press, 2011.
  2. B. Morin, L. Mé, H. Debar, and M. Ducassé, “M2D2: A formal data model for IDS alert correlation,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics): Preface, vol. 2516, pp. 115–137, 2002.
  3. O. Depren, M. Topallar, E. Anarim, and M. K. Ciliz, “An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks,” Expert Systems with Applications, vol. 29, no. 4, pp. 713–722, 2005.
  4. H. Debar, M. Dacier, and A. Wespi, “Towards a taxonomy of intrusion-detection systems,” Computer Networks, vol. 31, no. 8, pp. 805–822, 1999.
  5. A. L. Buczak and E. Guven, “A survey of data mining and machine learning methods for cyber security intrusion detection,” IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153–1176, 2016.
  6. P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, “Anomaly-based network intrusion detection: techniques, systems and challenges,” Computers & Security, vol. 28, no. 1-2, pp. 18–28, 2009.
  7. D. J. Marchette, “A statistical method for profiling network traffic,” in Proceedings of the Workshop on Intrusion Detection and Network Monitoring, pp. 119–128, 1999.
  8. R. Shirey, “Internet Security Glossary, Version 2,” RFC Editor RFC4949, 2007.
  9. G. Münz, S. Li, and G. Carle, “Traffic anomaly detection using k-means clustering,” in Proceedings of the GI/ITG Workshop MMBnet, 2007.
  10. T. Li and J. Wang, “Research on network intrusion detection system based on improved k-means clustering algorithm,” in Proceedings of the International Forum on Computer Science-Technology and Applications (IFCSTA '09), pp. 76–79, December 2009.
  11. R. Ranjan and G. Sahoo, “A new clustering approach for anomaly intrusion detection,” International Journal of Data Mining & Knowledge Management Process (IJDKP), 2014.
  12. M. Eslamnezhad and A. Y. Varjani, “Intrusion detection based on MinMax K-means clustering,” in Proceedings of the 7th International Symposium on Telecommunications (IST '14), pp. 804–808, IEEE, Tehran, Iran, September 2014.
  13. S. Varuna and P. Natesan, “An integration of k-means clustering and naïve bayes classifier for Intrusion Detection,” in Proceedings of the 3rd International Conference on Signal Processing, Communication and Networking, ICSCN 2015, pp. 1–5, March 2015.
  14. Z. Muda, W. Yassin, M. Sulaiman, and N. Udzir, “K-means clustering and naive bayes classification for intrusion detection,” Journal of IT in Asia, vol. 4, no. 1, pp. 13–25, 2016.
  15. R. M. Elbasiony, E. A. Sallam, T. E. Eltobely, and M. M. Fahmy, “A hybrid network intrusion detection framework based on random forests and weighted k-means,” Ain Shams Engineering Journal, vol. 4, no. 4, pp. 753–762, 2013.
  16. K. Sequeira and M. Zaki, “ADMIT: Anomaly-based data mining for intrusions,” in Proceedings of the KDD - 2002 Proceedings of the Eight ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 386–395, July 2002.
  17. Y. Liao and V. R. Vemuri, “Use of k-nearest neighbor classifier for intrusion detection,” Computers & Security, vol. 21, no. 5, pp. 439–448, 2002.
  18. M. M. Breunig, H.-P. Kriegel, R. T. Ng, and J. Sander, “LOF: identifying density-based local outliers,” ACM SIGMOD Record, vol. 29, no. 2, pp. 93–104, 2000.
  19. A. Jakalan, J. Gong, and S. Liu, “Profiling IP hosts based on traffic behavior,” in Proceedings of the IEEE International Conference on Communication Software and Networks, ICCSN 2015, pp. 105–111, June 2015.
  20. J. Erman, M. Arlitt, and A. Mahanti, “Traffic classification using clustering algorithms,” in Proceedings of the SIGCOMM Workshop on Mining Network Data (MineNet '06), pp. 281–286, ACM, Pisa, Italy, September 2006.
  21. K. Xu, F. Wang, and L. Gu, “Network-aware behavior clustering of Internet end hosts,” in Proceedings of the IEEE INFOCOM 2011, pp. 2078–2086, April 2011.
  22. K. Xu, F. Wang, and L. Gu, “Behavior analysis of internet traffic via bipartite graphs and one-mode projections,” IEEE/ACM Transactions on Networking, vol. 22, no. 3, pp. 931–942, 2014.
  23. C. Hennig, Fpc: Flexible Procedures for Clustering. R package version 2.1-10, 2015.
  24. A. Archimbaud, K. Nordhausen, and A. Ruiz-Gazen, Outlier Detection Using Invariant Coordinate Selection. R package version 0.2-0, 2016.
  25. L. Torgo, Data Mining with R, Learning with Case Studies, Chapman and Hall/CRC, 2nd edition, 2006.
  26. P. Kácha, M. Kostenec, and A. Kropácová, “Warden 3: Security event exchange redesign,” in Proceedings of the 19th International Conference on Computers: Recent Advances in Computer Science, 2015.
  27. P. Kácha, “Idea, security event taxonomy mapping,” in Proceedings of the 18th International Conference on Circuits, Systems, Communications and Computers, 2014.
  28. P. Kácha, “Idea: designing the data model for security event exchange,” in Proceedings of the 17th International Conference on Computers: Recent Advances in Computer Science, 2013.
  29. Postgresql (2017). Postgresql project. Accessed: 10th November 2017.
  30. IP-API (2017). Ip-api project. Accessed: 10th November 2017.
  31. A. Nagpal, A. Jatain, and D. Gaur, “Review based on data clustering algorithms,” in Proceedings of the 2013 IEEE Conference on Information and Communication Technologies, ICT 2013, pp. 298–303, India, April 2013.
  32. H.-P. Kriegel, P. Kröger, J. Sander, and A. Zimek, “Density-based clustering,” Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, vol. 1, no. 3, pp. 231–240, 2011.
  33. M. Ilango and V. Mohan, A Survey of Grid Based Clustering Algorithms, 2010.
  34. C. Fraley and A. E. Raftery, “Model-based clustering, discriminant analysis, and density estimation,” Journal of the American Statistical Association, vol. 97, no. 458, pp. 611–631, 2002.
  35. P. Fränti, G. Brown, M. Loog, F. Escolano, and M. Pelillo, Eds., A Comparison of Categorical Attribute Data Clustering Methods, Structural, Syntactic, and Statistical Pattern Recognition, Springer, Berlin, Germany, 2014.
  36. D. Lam, M. Wei, and D. Wunsch, “Clustering Data of Mixed Categorical and Numerical Type With Unsupervised Feature Learning,” IEEE Access, vol. 3, pp. 1605–1616, 2015.
  37. C. Döring, M.-J. Lesot, and R. Kruse, “Data analysis with fuzzy clustering methods,” Computational Statistics & Data Analysis, vol. 51, no. 1, pp. 192–214, 2006.
  38. L. A. García-Escudero, A. Gordaliza, C. Matrán, and A. n. Mayo-Iscar, “A review of robust clustering methods,” Advances in Data Analysis and Classification. ADAC, vol. 4, no. 2-3, pp. 89–109, 2010.
  39. B. Makhabel, “Learning Data Mining with R,” in Community experience distilled, Packt Publishing, 2015.
  40. S. Tufféry, Data Mining and Statistics for Decision Making, Wiley Series in Computational Statistics, Wiley, 2011.
  41. A. Kassambara, Practical Guide to Cluster Analysis in R: Unsupervised Machine Learning, Multivariate Analysis, CreateSpace Independent Publishing Platform, 2017.
  42. A. Saxena, M. Prasad, A. Gupta et al., “A review of clustering techniques and developments,” Neurocomputing, vol. 267, pp. 664–681, 2017.
  43. D. Lam and D. C. Wunsch, “Clustering,” in Academic Press Library in Signal Processing: Volume 1 - Signal Processing Theory and Machine Learning, vol. 1 of Academic Press Library in Signal Processing, pp. 1115–1149, Elsevier, 2014.
  44. Z. Huang, “Extensions to the k-means algorithm for clustering large data sets with categorical values,” Data Mining and Knowledge Discovery, vol. 2, no. 3, pp. 283–304, 1998.
  45. L. Kaufman and P. Rousseeuw, Finding Groups in Data: An Introduction to Cluster Analysis, John Wiley & Sons, New York, NY, USA, 1990.
  46. C. Hennig and M. Meila, “Cluster analysis: an overview,” in Handbook of cluster analysis, Chapman & Hall/CRC Handbooks of Modern Statistical Methods, pp. 1–19, CRC Press, Boca Raton, FL, USA, 2016.
  47. G. Brock, V. Pihur, S. Datta, and S. Datta, “ClValid: An R package for cluster validation,” Journal of Statistical Software, vol. 25, no. 4, pp. 1–22, 2008.
  48. Y. Liu, Z. Li, H. Xiong, X. Gao, and J. Wu, “Understanding of internal clustering validation measures,” in Proceedings of the 10th IEEE International Conference on Data Mining, ICDM 2010, pp. 911–916, December 2010.
  49. M. Charrad, N. Ghazzali, V. Boiteau, and A. Niknafs, “Nbclust: An R package for determining the relevant number of clusters in a data set,” Journal of Statistical Software, vol. 61, no. 6, pp. 1–36, 2014.
  50. C. C. Aggarwal, Data Mining: The Textbook, Springer International Publishing, 2015.
  51. G. Gan and M. K.-P. Ng, “k-means clustering with outlier removal,” Pattern Recognition Letters, vol. 90, pp. 8–14, 2017.
  52. D. Lei, Q. Zhu, J. Chen, H. Lin, and P. Yang, “Automatic k-means clustering algorithm for outlier detection,” Lecture Notes in Electrical Engineering, vol. 154, pp. 363–372, 2012.
  53. M. Ester, H.-P. Kriegel, J. Sander, and X. Xu, “A density-based algorithm for discovering clusters in large spatial databases with noise,” in Proceedings of the 2nd International Conference on Knowledge Discovery and Data Mining (KDD '96), pp. 226–231, 1996.
  54. A. Archimbaud, K. Nordhausen, and A. Ruiz-Gazen, “Multivariate outlier detection with Ics,” https://arxiv.org/abs/1612.06118v3.
  55. A. Kassambara and F. Mundt, factoextra: Extract and Visualize the Results of Multivariate Data Analyses. R package version 1.0.5., 2017.
  56. A. Banerjee and R. N. Davé, “Validating clusters using the Hopkins statistic,” in Proceedings of the 2004 IEEE International Conference on Fuzzy Systems - Proceedings, pp. 149–153, July 2004.
  57. L. YiLan and Z. RuTong, clustertend: Check the Clustering Tendency. R package version 1.4. 2015.
  58. R Core Team (2017). R: A Language and Environment for Statistical Computing. R Foundation for Statistical Computing, Vienna, Austria, 2017.
  59. M. Maechler, P. Rousseeuw, A. Struyf, M. Hubert, and K. Hornik, cluster: Cluster Analysis Basics and Extensions, 2017.