Abstract— The success of any Intrusion Detection System lies in its ability to quickly adapt to new threats in near real time and further prevent new attacks. This implies extremely efficient machine learning algorithms in the backend, which in turn may use clustering algorithms capable of distinguishing between normal and anomalous network traffic. This work is a first step towards proposing such an IDS, which is built on clustering-based machine learning. The authors evaluate different clustering algorithms using a network packet trace and provide results, which help in evaluating these algorithms. The work-in-progress section of the paper visualizes the IDS which can be used in an environment where the traffic volumes are very high, enterprise boundaries are blurred, and the likelihood of malicious attacks is extremely high.
Index Terms— Clustering, intrusion detection system, security.
The authors are with the PESIT, Bangalore (e-mail: dinkar.sitaram@gmail.com).
Cite: Dinkar Sitaram, Manish Sharma, Mariyah Zain, Ankita Sastry, and Rishika Todi, "Intrusion Detection System for High Volume and High Velocity Packet Streams: A Clustering Approach," International Journal of Innovation, Management and Technology, vol. 4, no. 5, pp. 480-485, 2013.