Volume 12, Number 1

A Survey on the Use of Data Clustering for Intrusion Detection System in Cybersecurity

  Authors

Binita Bohara1, Jay Bhuyan1, Fan Wu1 and Junhua Ding2, 1Tuskegee University, USA and 2University of North Texas, USA

  Abstract

In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. There are different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.

  Keywords

Intrusion detection system, clustering technique, network security.