Network Intrusion Detection in an Enterprise: Unsupervised Analytical Methodology

  • Conference paper
Data Management, Analytics and Innovation

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 808)

Abstract

Cyber-attacks have no boundaries: individuals, organizations and government institutions are all targets. Attacks in the form of malware, phishing and intrusion into enterprise networks have become more prevalent. As technology has advanced, the number of connected devices has increased vastly, leading to the storage of very sensitive data belonging to different entities. Cybercriminals attempt to access this data because monetizing it is very lucrative. Because of the sophistication of the technology cybercriminals use, these attacks have become more difficult to detect and handle, making it a major challenge for governments and enterprises to protect their sensitive data. Traditional detection methods such as antivirus and firewalls are limited to known attacks, i.e., attacks that have occurred in the past. Continued technological advancement has led to new and different types of attacks for which the traditional detection methods fail. In this paper, we propose an intrusion detection methodology that can handle such threats in near real time.

Author information

Corresponding author

Correspondence to Garima Makkar.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Makkar, G., Jayaraman, M., Sharma, S. (2019). Network Intrusion Detection in an Enterprise: Unsupervised Analytical Methodology. In: Balas, V., Sharma, N., Chakrabarti, A. (eds) Data Management, Analytics and Innovation. Advances in Intelligent Systems and Computing, vol 808. Springer, Singapore. https://doi.org/10.1007/978-981-13-1402-5_34

  • DOI: https://doi.org/10.1007/978-981-13-1402-5_34

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-1401-8

  • Online ISBN: 978-981-13-1402-5

  • eBook Packages: Engineering, Engineering (R0)
