Enhance density peak clustering algorithm for anomaly intrusion detection system
Abstract
In this paper proposed new model of Density Peak Clustering algorithm to enhance clustering of intrusion attacks. The Anomaly Intrusion Detection System (AIDS) by using original density peak clustering algorithm shows the stable in result to be applied to data-mining module of the intrusion detection system. The proposed system depends on two objectives; the first objective is to analyzing the disadvantage of DPC; however, we propose a novel improvement of DPC algorithm by modifying the calculation of local density method based on cosine similarity instead of the cat off distance parameter to improve the operation of selecting the peak points. The second objective is using the Gaussian kernel measure as a distance metric instead of Euclidean distance to improve clustering of high-dimensional complex nonlinear inseparable network traffic data and reduce the noise. The experimentations evaluated with NSL-KDD dataset.
Full Text:
PDFDOI: http://dx.doi.org/10.21533/pen.v9i2.1927
Refbacks
- There are currently no refbacks.
Copyright (c) Salam Saad Alkafagi, Rafah M. Almuttairi
This work is licensed under a Creative Commons Attribution 4.0 International License.
ISSN: 2303-4521
Digital Object Identifier DOI: 10.21533/pen
This work is licensed under a Creative Commons Attribution 4.0 International License