TY - GEN
T1 - Performance Analysis Between EOTI-K-Means++, EOTI, and KNN for Brute Force Detection System
AU - Nuralamsyah, Bintang
AU - Anggraeni, Sherly Rosa
AU - Awwabi, Labba
AU - Ranggianto, Narandha Arya
AU - Studiawan, Hudan
AU - Shiddiqi, Ary Mazharuddin
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - An Intrusion Detection System (IDS) is software or hardware that monitors system or network activities for policy violations or malicious activity and sends reports to the management system. Clustering algorithms using instance-based learning, such as the quick, efficient optimal triangle-inequality-based EOTI, can be used to discover anomalous traffic patterns. Instead of using the standard K-Means technique in the EOTI algorithm, this study uses the K-Means++ approach for clustering, as EOTI-K-Means++. K-Means++ tries to solve the K-Means algorithm's disadvantages, namely its high memory usage. For further analysis, we use k-nearest neighbors (KNN) in this problem. K-Means++ ensures a more intelligent introduction of centroids and enhances the clustering's nature. The accuracy of both basic EOTI and EOTI-K-Means++ is slightly lower than KNN's for high precision, recall, and F1-score, but they yield the fastest time and the lowest memory consumption during training and prediction. EOTI-K-Means++ outperforms in terms of execution time for training of 1267.77s, but the predicting process is longer than EOTI of 149987.26s.
KW - brute force attack
KW - eoti
KW - intrusion detection system
KW - k-nearest neighbors
KW - kmeans++
UR - http://www.scopus.com/inward/record.url?scp=85141570161&partnerID=8YFLogxK
U2 - 10.1109/ICoICT55009.2022.9914878
DO - 10.1109/ICoICT55009.2022.9914878
M3 - Conference contribution
AN - SCOPUS:85141570161
T3 - 2022 10th International Conference on Information and Communication Technology, ICoICT 2022
SP - 53
EP - 58
BT - 2022 10th International Conference on Information and Communication Technology, ICoICT 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th International Conference on Information and Communication Technology, ICoICT 2022
Y2 - 2 August 2022 through 3 August 2022
ER -