An improved density peaks clustering algorithm based on grid screening and mutual neighborhood degree for network anomaly detection-Reference-Cited by-同舟云学术

An improved density peaks clustering algorithm based on grid screening and mutual neighborhood degree for network anomaly detection

Published:2022-01-26 Issue:1 Volume:12 Page:
ISSN:2045-2322
Container-title:Scientific Reports
language:en
Short-container-title:Sci Rep

Author:

Chen Liangchen,Gao Shu,Liu Baoxu

Abstract

AbstractWith the rapid development of network technologies and the increasing amount of network abnormal traffic, network anomaly detection presents challenges. Existing supervised methods cannot detect unknown attack, and unsupervised methods have low anomaly detection accuracy. Here, we propose a clustering-based network anomaly detection model, and then a novel density peaks clustering algorithm DPC-GS-MND based on grid screening and mutual neighborhood degree for network anomaly detection. The DPC-GS-MND algorithm utilizes grid screening to effectively reduce the computational complexity, improves the clustering accuracy through mutual neighborhood degree, and also defines a cluster center decision value for automatically selecting cluster centers. We implement complete experiments on two real-world datasets KDDCup99 and CIC-IDS-2017, and the experimental results demonstrated that the proposed DPC-GS-MND can detect network anomaly traffic with higher accuracy and efficiency. Together, it has a good application prospect in the network anomaly detection system in complex network environments.

Funder

the National Key Research and Development Program of China

the National Development and Reform Commission promotes major projects of big data development

Fundamental Research Funds for the Central Universities of China University of Labor Relations

National Natural Science Foundation of China

Strategic Priority Research Program of Chinese Academy of Sciences

Publisher

Springer Science and Business Media LLC

Subject

Multidisciplinary

Link

https://www.nature.com/articles/s41598-021-02038-z.pdf

Reference37 articles.

1. Moustafa, N., Hu, J. & Slay, J. A holistic review of network anomaly detection systems: a comprehensive survey. J. Netw. Comput. Appl. 128(2), 33–55 (2019).

2. Ji, S. Y. et al. A multi-level intrusion detection method for abnormal network behaviors. J. Netw. Comput. Appl. 2(62), 9–17 (2016).

3. Ni, X. et al. Network anomaly detection using unsupervised feature selection and density peak clustering. Springer LNCS 9696, 212–227 (2016).

4. Liangchen, C. H. E. N. et al. Research on dimensionality reduction in network traffic anomaly detection. Comput. Eng. 46(2), 11–20 (2020).

5. Monowar, H., Dhruba, K., Jugal, K. Network traffic anomaly detection techniques and systems. In Network Traffic Anomaly Detection and Prevention, pp. 115–169 (2017).

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Hierarchical partition clustering method based on DBSCAN to solve the depth value of Contaminated runway;2024 5th International Conference on Computer Engineering and Application (ICCEA);2024-04-12

2. Expressway ETC Transaction Data Anomaly Detection Based on TL-XGBoost;Electronics;2024-01-02

3. Minimal spanning tree-based isolation forest with anomaly score function built on the basis of fuzzy rules;Applied Soft Computing;2023-11

4. Review of Network Anomaly Detection in the High-speed Railway Signal System Based on Artificial Intelligence;2023 IEEE 3rd International Conference on Computer Communication and Artificial Intelligence (CCAI);2023-05-26

5. Distributed Denial of Service Attack Detection for the Internet of Things Using Hybrid Deep Learning Model;IEEE Access;2023