An Improved Malicious Behaviour Detection Via k-Means and Decision Tree
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 12
Abstract
Data mining algorithms applied as anomaly detection systems have been considered one of the essential techniques in malicious behaviour detection. Unfortunately, such detection systems are known for their inclination in detecting cyber-malicious activity more accurately (i.e. maximizing the detection of malicious and non-malicious behaviours), and this has become a persistent limitation in the deployment of intrusion detection systems. Consequently, these constraints affect a number of important performance factors such as accuracy, detection rate and false alarms. In this research, KMDT is proposed as an anomaly detection model that utilizes k-means clustering and a decision tree classifier to maximize the detection of malicious behaviours by scrutinizing packet headers. K-means clustering is employed for labelling and plots all behaviours into identical clusters, which characterize the behaviours as suspicious or non-suspicious. Subsequently, these dissimilar clustered behaviours are reordered into two classes, malicious and non-malicious, via the decision tree classifier. KMDT is a profitable finding that improves anomaly detection performance in identifying suspicious and non-suspicious behaviours and characterizes them as malicious or non-malicious more accurately. These criteria have been validated by the results of experiments on the banking system environment dataset 2016. KMDT detected more malicious behaviours accurately in contrast to discrete and diversely combined methods.
Authors and Affiliations
Warusia Yassin, Siti Rahayu, Faizal Abdollah, Hazlin Zin