CHALLENGES AND SOLUTIONS OF REAL-TIME CLUSTERING FOR NETWORK ANOMALY DETECTION

Authors:

Jagatheesan Kunasaikaran,Roslan Ismail,Abdul Rahim Ahmad,

DOI NO:

https://doi.org/10.26782/jmcms.2019.12.00078

Keywords:

Clustering methods,Intrusion detection,Network security,

Abstract

The escalating number of novel network attacks warrants an approach where network data is processed in real-time for anomaly detection. Clustering is one of the foremost unsupervised learning algorithms in this domain that can detect outliers without prior knowledge of the data. However, cluster analysis precludes with it many challenges that need to be overcome for it to be adapted for real-time computation. This research paper outlines these challenges and the possible solutions to mitigate these challenges. We have also explored on a brief overview of clustering algorithms to give a high-level idea of cluster analysis.

Refference:

I. T. Report, “2015 INFORMATION SECURITY,” (2015).
II. B. S. Everitt, S. Landau, M. Leese, and D. Stahl, Cluster Analysis. Wiley,
(2011).
III. A. Fahad, N. Alshatri, Z. Tari, A. Alamri, I. Khalil, A. Y. Zomaya, S.
Foufou, and A. Bouras, “IEEE TRANSACTIONS ON A Survey of
Clustering Algorithms for Big Data : Taxonomy and Empirical Analysis,”
vol. 2, no. 3, (2014).
IV. J. Leskovec, A. Rajaraman, and J. D. Ullman, Mining of Massive Datasets,
2nd ed. New York, NY, USA: Cambridge University Press, (2014).
V. M. Daszykowski and B. Walczak, “Density-Based Clustering Methods,”
Compr. Chemom., vol. 2, pp. 635–654, (2010).
VI. Z. Ruijuan, C. Jing, Z. Mingchuan, Z. Junlong, and W. Qingtao, “User
abnormal behavior analysis based on neural network clustering,” J. China
Univ. Posts Telecommun., vol. 23, no. 3, pp. 29–44, (2016).
VII. P. K. R. Oger and A. Zimek, “Clustering High-Dimensional Data : A
Survey on Subspace Clustering , Pattern-Based Clustering , and
Correlation Clustering,” vol. 3, no. 1, (2009).
VIII. G. Chandrashekar and F. Sahin, “A survey on feature selection methods,”
Comput. Electr. Eng., vol. 40, no. 1, pp. 16–28, (2014).

IX. P. Chaovalit, A. Gangopadhyay, G. Karabatis, and Z. Chen, “Discrete
wavelet transform-based time series analysis and mining,” ACM Comput.
Surv., vol. 43, no. 2, pp. 1–37, (2011).
X. G. E. Hinton and R. R. Salakhutdinov, “Reducing the Dimensionality of
Data with Neural Networks,” vol. 504, (2006).
XI. C. Visual, N. Index, C. Vni, and C. Vni, “The Zettabyte Era : Trends and
Analysis,” no. June, pp. 2016–2021, (2017).
XII. M. M. Gaber, A. Zaslavsky, and S. Krishnaswamy, “Mining Data
Streams : A Review,” vol. 34, no. 2, pp. 18–26, (2005).
XIII. R. Perdisci, D. Ariu, and G. Giacinto, “Scalable fine-grained behavioral
clustering of HTTP-based malware,” Comput. Networks, vol. 57, no. 2, pp.
487–500, (2013).
XIV. L. Khan, M. Awad, and B. Thuraisingham, “A new intrusion detection
system using support vector machines and hierarchical clustering,” VLDB
J., vol. 16, no. 4, pp. 507–521, (2007).
XV. Y. Dang, B. Wang, R. Brant, Z. Zhang, M. Alqallaf, and Z. Wu, “Anomaly
Detection for Data Streams in Large-Scale Distributed Heterogeneous
Computing Environments,” in ICMLG2017 5th International Conference
on Management Leadership and Governance, (2017), p. 121.
XVI. J. Song, H. Takakura, Y. Okabe, and K. Nakao, “Toward a more practical
unsupervised anomaly detection system,” Inf. Sci. (Ny)., vol. 231, pp. 4–
14, (2013).
XVII. J. Dromard, G. Roudière, and P. Owezarski, “Online and Scalable
Unsupervised Network Anomaly Detection Method,” IEEE Trans. Netw.
Serv. Manag., vol. 14, no. 1, pp. 34–47, (2017).
XVIII. Ã. C. Ning, C. An, and Z. Long-Xiang, “An Incremental Grid Density-Based
Clustering Algorithm,” vol.1313, no. 101, pp. 1–7, (2002).

View Download