Fuzzified Cuckoo based Clustering Technique for Network Anomaly Detection

•A robust anomaly detection technique, i.e., Fuzzified Cuckoo based Clustering Technique (F-CBCT) is proposed that operates in two phases, i.e., training and detection.•Decision-Tree based approach is applied in the training phase to select the most informative features from the dataset.•A combinati...

Full description

Saved in:
Bibliographic Details
Published in:Computers & electrical engineering Vol. 71; pp. 798 - 817
Main Authors: Garg, Sahil, Batra, Shalini
Format: Journal Article
Language:English
Published: Amsterdam Elsevier Ltd 01.10.2018
Elsevier BV
Subjects:
Anomalies
Anomaly detection
Cluster analysis
Clustering
Cuckoo-search
Decision Tree
Decision trees
Electrical engineering
Failure analysis
Feature selection
Fuzzy logic
Fuzzy systems
Fuzzy theory
K-means clustering
Multiple objective analysis
Nature inspired algorithm
Optimization algorithms
Search algorithms
Training
Vector quantization
Feature selection
Decision Tree
Cuckoo-search
Fuzzy theory
Anomaly detection
K-means clustering
Nature inspired algorithm
ISSN:0045-7906, 1879-0755
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:•A robust anomaly detection technique, i.e., Fuzzified Cuckoo based Clustering Technique (F-CBCT) is proposed that operates in two phases, i.e., training and detection.•Decision-Tree based approach is applied in the training phase to select the most informative features from the dataset.•A combination of Cuckoo Search Optimization and K-means clustering is employed to evaluate two simultaneous distance functions, i.e., C-Measure and AD-Measure.•Fuzzy decisive approach is used in the detection phase where the system is left free to detect the anomalies on the basis of input data and computed distance functions.•Performance evaluation results in terms of detection rate, false positive rate and accuracy on different datasets validate the effectiveness of the proposed model. With the increasing penetration of security threats, the severity of their impact on the underlying network has increased manifold. Hence, a robust anomaly detection technique, Fuzzified Cuckoo based Clustering Technique (F-CBCT), is proposed in this paper which operates in two phases: training and detection. The training phase is supported using Decision Tree followed by an algorithm based on hybridization of Cuckoo Search Optimization and K-means clustering. In the designed algorithm, a multi-objective function based on Mean Square Error and Silhouette Index is employed to evaluate the two simultaneous distance functions namely-Classification measure and Anomaly detection measure. Once the system is trained, detection phase is initiated in which a fuzzy decisive approach is used to detect anomalies on the basis of input data and distance functions computed in the previous phase. Experimental results in terms of detection rate (96.86%), false positive rate (1.297%), accuracy (97.77%) and F-Measure (98.30%) prove the effectiveness of the proposed model.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0045-7906
1879-0755
DOI:10.1016/j.compeleceng.2017.07.008