International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE)
The authors' network is facing a rapidly evolving threat landscape full of modern applications, exploits and attack strategies that are capable of evading traditional methods of detection. Threats are delivered via applications that dynamically use non-standard ports, tunnel within other applications, or hide within proxies or other types of encryption. Additionally, enterprises are exposed to targeted and customized malware, which can easily pass undetected through traditional antivirus solutions. To detect intrusions effectively, this process introduces a new feature representation approach based on cluster centers and nearest neighbors.