Journal: Journal of computer sciences

THE USE OF RANDOM FOREST CLASSIFICATION AND K-MEANS CLUSTERING ALGORITHM FOR DETECTING TIME STAMPED SIGNATURES IN THE ACTIVE NETWORKS | Science Publications

Abstract

> In day-to-day information security infrastructure, intrusion detection is indispensable. Signature-based intrusion detection system mechanisms are often available for detecting many types of attacks. But this mechanism alone is not sufficient in many cases. Another intrusion detection method, viz. K-means, is employed for clustering and classifying the unlabelled data. An IDS is a special embedded device or relied software package which monitors the events occurring in a computer system or network (WLAN (Wi-Fi, WiMAX) and LAN (Ethernet, FDDI, ADSL, Token Ring) based) and analyses them for signs of possible incidents, which are violations or forthcoming threats of violations of computer security policies or standard security policies (i.e., DMA acts). We proposed a new methodology for detecting intrusions by means of clustering and classification algorithms. There we used correlation clustering and K-means clustering algorithm for clustering and random forest algorithm for classification. This type of extension establishes a layer which refines the escalated alerts using signature-based correlation. In this study, a signature-based intrusion detection system with an optimised algorithm for better prediction of intrusions has been addressed. Results are presented and discussed.