Some Clustering Algorithms to Enhance the Performance of the Network Intrusion Detection System
Most current intrusion detection systems are signature based ones or machine learning based methods. Despite the number of machine learning algorithms applied to KDD 99 cup, none of them have introduced a pre-model to reduce the huge information quantity present in the different KDD 99 datasets. Clustering is an important task in mining evolving data streams. Besides the limited memory and one-pass Constraints, the nature of evolving data streams implies the following requirements for stream clustering: no assumption on the number of clusters, discovery of clusters with arbitrary shape and ability to handle outliers. Traditional instance-based learning methods can only be used to detect known intrusions, since these methods classify instances based on what they have learned.