Authors: Josemila Baby Jesuretnam, Jeba James Rose
Journal: Int. J. Pervasive Comput. Commun.
Publication date: 2020-10-06
Publication type: Journal Article
DOI: 10.1108/IJPCC-05-2020-0037 (https://doi.org/10.1108/IJPCC-05-2020-0037)
Citations: 0
Performance analysis of optimal cluster selection and intrusion detection by hierarchical K-means clustering with hybrid ABC-DT
Purpose
This paper proposes a multi-dimensional hierarchical K-means clustering algorithm for intrusion detection. First, the clustering algorithm is used to form a number of clusters in the network, and the optimal clusters are then selected using the Cuckoo search optimization algorithm. Finally, an Artificial Bee Colony-based decision tree (ABC-DT) classifier is employed to classify the normal and abnormal instances present in the network using the extracted features.
Design/methodology/approach
An intrusion detection system (IDS) is crucial for a network system; an intruder can obtain sensitive details about the network. An IDS is said to be more effective when it has both a high intrusion detection rate and a low false alarm rate. Numerous strategies, including machine learning, data mining and statistical techniques, have been tested for the IDS task. Recent study reveals that combining multiple classifiers, i.e. a classifier ensemble, can perform better than a single classifier. In this paper, a comparative study is conducted of the overall performance of four classifiers, i.e. hybrid ABC-DT, particle swarm optimization-based K-means clustering (PSO-KM), support vector machine (SVM) and K-Nearest neighbour (KNN). All four classifiers are tested with different packet sizes: 1470, 1024, 512 and 256. The experiment is carried out for speeds of 250Mbps, 500Mbps, 750Mbps, 1.0Gbps, 1.5Gbps and 2.0Gbps, in terms of accuracy, detection rate, specificity, false alarm rate and computational time. The experimental results reveal that the hybridization of classifiers performs better than the base classifiers in all scenarios.
Findings
This study analyses the performance of the hybrid ABC-DT classifier and compares it against three well-known classifiers: PSO-KM, SVM and K-NN. The performance of all four classifiers is tested on the Knowledge Discovery in Data Mining (KDD) CUP 99 dataset with different packet sizes: 1470, 1024, 512 and 256. The results show how classifier performance varies across the different speed ranges. From the experimental results and analysis, the hybridization of classifiers such as ABC-DT outperforms the base classifiers in all scenarios.
Originality/value
The novel approach in this paper is used to study the hybrid ABC-DT classifier and compare its performance against three well-known classifiers: PSO-KM, SVM and K-NN. The discussed concept is used within a network to monitor the traffic to and from all the devices connected to that network.