Title :
Classification of network traffic in LAN
Author :
Langthasa, Biswajit ; Acharya, Bikash ; Sarmah, Satyajit
Author_Institution :
Dept. of Inf. Technol., Gauhati Univ. Inst. of Sci. & Technol., Guwahati, India
Abstract :
Classification of Network Traffic is one of most important issue in network management and detection of Intrusion attacks play a vital role in it. To have a holistic picture of the network intrusion detection, selection of appropriate feature is very important; it reduces analysis effort and time too. Data mining can be very fruitful for feature selection and intrusion detection. In this paper, Tcpdump is used to capture network traffic and visualize different set of features using k-mean clustering. KDD´99 corrected intrusion detection dataset is evaluated to find out most important and relevant features and an algorithm based on the features is proposed to detect different types of dos, probing, u2r and r2l attacks with an accuracy of more than 80%.
Keywords :
computer network management; computer network security; data mining; feature selection; local area networks; pattern clustering; telecommunication traffic; transport protocols; DOS attack; KDD 99 corrected intrusion detection; LAN; Tcpdump; analysis effort reduction; appropriate feature selection; data mining; denial of service attack; k-mean clustering; network management; network traffic classification; probe attack; r2l attack; u2r attack; Clustering algorithms; Computers; Data mining; Feature extraction; IP networks; Intrusion detection; Protocols; Data Mining; Introduction; Intrusion Detection System (IDS); K-means Clustering; KddCup99 Dataset; LOIC; Weka; Wireshark; libpcap; tcpdump; tshark;
Conference_Titel :
Electronic Design, Computer Networks & Automated Verification (EDCAV), 2015 International Conference on
Conference_Location :
Shillong
Print_ISBN :
978-1-4799-6207-5
DOI :
10.1109/EDCAV.2015.7060546
