Intrusion Detection Systems are used to monitor computer system for sign of security violations over network or cloud environment. On detection of such sign triggers of IDSs is to report them to generate the alerts. These alerts are presented to a human analyst or user who evaluates the alerts and initiates an adequate response. In Practice, IDSs have been observed to trigger thousands of alerts per day, most of which are mistakenly triggered by begin events such as false positive. This makes it extremely difficult for the analyst to correctly identify alerts related to attack such as a true positive. Recently Data Mining methods have gained importance in addressing network or cloud security issues, including network intrusion detection and cloud Intrusion detection systems, these systems aim to identify attacks with a high detection rate and a low false alarm rate. Consequently, Unsupervised Learning methods have been given a closer look for network and cloud intrusion detection. We present unsupervised based Clustering Technique and compare with traditional centroid-based clustering algorithms for intrusion detection. These techniques are applied to the KDD Cup98 data set .In addition; a Comparative analysis shows the advantage of proposed approach over Traditional clustering-based Methods over in identifying new or unseen attack. Experimental result show that A.I based Hill Climbing aided k-means Clustering algorithm improves the detection rate in IDS than K-Mean algorithm and achieved 92% detection rate in IDS System.

Intrusion Detection, AI, Clustering

[1] Tich Phu oc Tran, “Machine Learning and Data Mining: Introduction to Principles and Algorithms”, Horwood Publishing Limited, 2007.
[2] Ye Yuan, "Mining Audit Data to Build Intrusion Detection Models," Proc. Fourth International Conference Knowledge Discovery and Data Mining pp. 66-72, 1999
[3] Snehal A, "The Research of Intrusion Detection Based on Support vector machine", Proceedings of the 2008 International Conference on Wavelet Analysis and Pattern Recognition, Hong Kong, IEEE.2008
[4] Shun J and Malki H. A., "Network Intrusion Detection System using Neural Networks", IEEE computer society.2008.
[5] Muna Mhammad T. Jawhar and Monica Mehrotra, “A Study On Fuzzy Intrusion Detection”, In Proceedings of the Data Mining, Intrusion Detection, In formation Assurance, And Data Networks Security, SPIE, Vol. 5812, pp. 23-30, Orlando, Florida, USA, 2005
[6] Neal, and Hunt and Dasgupta, Cao, and Yang, “Anomaly Network Intrusion Detection Based on Improved AIS Technique”, Journal of Computers, Vol." “Adaptive Model Generation: An Architecture for the Deployment of Data Mining-Based Intrusion Detection Systems, Applications of Data Mining in Computer Security”, Kluwer Academic Publishers, Boston, MA, pp. 154-191, 2002
[7] Pohsiang Tsai,’A novel intrusion detection system based on hierarchical clustering and support vector machines", Expert Systems with Applications, Vol: 38, No: 1, pp: 306-313, 2011.
[8] Aida Hu Zhengbing, ”Approaches and machine learning Techniques for Intrusion Detection Systems”, Vol. 9, No. 12, pp. 181-186, 2009.
[9] Amit Kumar Choudhary,”An Effective Approach to Network Intrusion Detection System using Neural network technique”, International Journal of Computer Applications, Vol.1, No.3, pp.26–32, February 2010