UPM Institutional Repository

Intrusion detection based on k-means clustering and OneR classification


Muda, Zaiton and Mohamed Yassin, Warusia and Sulaiman, Md. Nasir and Udzir, Nur Izura (2011) Intrusion detection based on k-means clustering and OneR classification. In: 7th International Conference on Information Assurance and Security (IAS 2011), 5-8 Dec. 2011, Melaka, Malaysia. (pp. 192-197).


Intrusion detection system (IDS) is used to detect various kinds of attacks in interconnected network. Many machine learning methods have also been introduced by researcher recently to obtain high accuracy and detection rate. Unfortunately, a potential drawback of all those methods is the rate of false alarm. However, our proposed approach shows better results, by combining clustering (to identify groups of similarly behaved samples, i.e. malicious and non-malicious activity) and classification techniques (to classify all data into correct class categories). The approach, KM+1R, combines the k-means clustering with the OneR classification technique. The KDD Cup '99 set is used as a simulation dataset. The result shows that our proposed approach achieve a better accuracy and detection rate, particularly in reducing the false alarm.

Download File

Text (Abstract)
Intrusion detection based on k-means clustering and OneR classification.pdf

Download (35kB) | Preview

Additional Metadata

Item Type: Conference or Workshop Item (Paper)
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.1109/ISIAS.2011.6122818
Publisher: IEEE
Keywords: Intrusion detection system; Clustering; Classification; Machine learning
Depositing User: Nabilah Mustapa
Date Deposited: 12 Jun 2019 02:06
Last Modified: 12 Jun 2019 02:06
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.1109/ISIAS.2011.6122818
URI: http://psasir.upm.edu.my/id/eprint/68939
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item