A Novel Similarity Measure for Intrusion Detection using Gaussian Function
This is an incremental improvement for intrusion detection systems, offering a specific similarity measure for clustering in security applications.
The paper tackled intrusion detection by proposing a Gaussian similarity measure as a distance metric in k-means clustering, applied to datasets like DARPA and KDD, resulting in disjoint clusters with fixed bounds and properties of a typical similarity measure.
In this paper the major objective is to design and analyze the suitability of Gaussian similarity measure for intrusion detection. The objective is to use this as a distance measure to find the distance between any two data samples of training set such as DARPA Data Set, KDD Data Set. This major objective is to use this measure as a distance metric when applying k- means algorithm. The novelty of this approach is making use of the proposed distance function as part of k-means algorithm so as to obtain disjoint clusters. This is followed by a case study, which demonstrates the process of Intrusion Detection. The proposed similarity has fixed upper and lower bounds. The proposed similarity measure satisfies all properties of a typical similarity measure.