To Decrease the Issue of False Alarm Rate by Providing Authentication & Thus Improving the Efficiency of Intrusion Detection System by Comparing the Result of Filtered Clusterer Algorithm & Make-Density Based Clustering Algorithm without Attribute Count
Pratik Jain1, Ravikant Kholwal2, Muskan Patidar3
1Pratik Jain*, Department of Computer Science, IPS Academy, Institute of Engineering and Science, Indore, India.
2Ravikant Kholwal, Department of Computer Science, Indian Institute of Information Technology, Design and Manufacturing, Jabalpur, India.
3Muskan Patidar, Department of Computer Science, IPS Academy, Institute of Engineering and Science, Indore, India.
Manuscript received on April 28, 2021. | Revised Manuscript received on May 03, 2021. | Manuscript published on May 30, 2021. | PP: 110-120 | Volume-10 Issue-1, May 2021. | Retrieval Number: 100.1/ijrte.A57550510121 | DOI: 10.35940/ijrte.A5755.0510121
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: An Intrusion Detection System sends alerts when it detects suspicious activity or known threats while monitoring network traffic. Today, in the field of cyber security, intrusion detection is considered a brilliant topic that could be objective. But it might not remain objectionable for a longer period. To understand intrusion detection, the meaning of intrusion must first be clear. According to the Oxford Learner's Dictionary, “Intrusion is the act of entering a place that is private or where you may not be wanted”. For this article, intrusion is defined as any unauthorized system or network activity on one (or more) computer(s) or network(s). An example is a legitimate user who takes more than the usual number of attempts to access a particular account, or who tries to connect to an unauthorized remote port of a server. An intrusion can be caused by a recently fired ex-employee, by a legitimate employee, or by any other person from the outside world. In this case, normal data is classified as an attack, which is a false positive. This paper focuses on illustrating this problem and offering a solution to it. We use the KDD CUP 1999 data set. According to the outcome, the anomaly class is the one that has a higher number of counts than this class. Even when it is a true user trying to get access, the outcome is an anomaly because of the high number of counts in the class. This paper introduces a solution that detects the true user and eliminates the false positive.
Keywords: Data Mining, Anomaly Detection System (ADS), K-Means, Ensemble, Detection Rate, False Alarm Rate, False Positive, Clustering.