Skip to Main Content
Recently clustering methods have gained importance in addressing network security issues, including network intrusion detection. In clustering, unsupervised anomaly detection has great utility within the context of intrusion detection system. Such a system can work without the need for massive sets of pre-labeled training data. Intrusion detection system (IDS) aims to identify attacks with a high detection rate and a low false alarm rate. This paper presents a scheme to achieve this goal. The scheme is designed based on an unsupervised clustering and a labeling technique. The technique has been found to perform with high precision at low false alarm rate over KDD99 dataset.