Intrusion detection has received a lot of attention from many researchers, and various techniques have been used to identify intrusions or attacks against computers and networks. Data mining is a well-known artificial intelligence technique to build network intrusion detection systems. However, numerous data mining techniques have been successfully applied in this area to find intrusions hidden in large amounts of audit data through classification, clustering or association rule. Clustering is one of the promising techniques used in Anomaly Intrusion Detection (AID), especially when dealing with unknown patterns. This paper presents our work to improve the performance of anomaly intrusion detection using Fuzzy-ART based on the K-means algorithm. The K-means is a modified version of the standard K-means by initializing the value K from the value obtained after data mining using Fuzzy-ART and SNC labeling technique. The result has shown that this algorithm has increased the detection rate and reduced the false alarm rate compared with Fuzzy-ART.

intrusion detection, anomaly detection, data mining, NSL-KDD dataset, Fuzz-ART, K-means, labeling