Data mining techniques make it possible to search large amounts of data for characteristic rules and patterns. If applied to network monitoring data recorded on a host or in a network, they can be used to detect intrusions, attacks and/or anomalies. In this paper, we present “Supervised & Unsupervised learning” a method to cascade K-means clustering and the Id3 decision tree learning methods to classifying anomalous and normal activities in a computer network. The K-means clustering method first partitions the training instances into two clusters using Euclidean distance similarity. On each cluster, representing a density region of normal or anomaly instances, we build an ID3 decision tree. The decision tree on each cluster refines the decision boundaries by learning the subgroups within the cluster. Our work studies the best algorithm by using classifyinganomalous and normal activities in a computer networks with supervised & unsupervised algorithms that have not been used before. We analyses the algorithm that have the best efficiency or the best learning and describes the proposed system of K-means&ID3 Decision Tree.

A. Lazarevic, A. Ozgur, L. Ertoz, J. Srivastava, and V. Kumar, “A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection,” Proc. SIAM Int’l Conf. Data Mining, May 2003.

W. Lee, S. J. Stolfo Data Mining Approaches for IntrusionDetection

Rui Xu,, Donald Wunsch II, Survey of Clustering Algorithms, IEEE in Neural Networks 16(3) (2005)

N. Ye, Y. Zhang, and C.M. Borror, “Robustness of the Markov- Chain Model for Cyber-Attack Detection,” IEEE Trans. Reliability, vol. 53, no.1, pp. 116-123, 2004.

D. Mutz, F. Valeur, G. Vigna, and C. Kruegel, “Anomalous System Call Detection,” ACM Trans. Information and System Security, vol. 9,no. 1, pp. 61-93, Feb. 2006.M. Thottan and C. Ji, “Anomaly Detection in IP Networks,” IEEETrans. Signal Processing, vol. 51, no. 8, pp. 2191-2204,2003.

C. Kruegel and G. Vigna, “Anomaly Detection of Web Based Attacks,” Proc. ACM Conf. Computer and Comm. Security, Oct. 2003.

Modeling intrusion detection system using hybrid intelligent systems Sandhya Peddabachigaria,Ajith Abrahamb,Crina Grosanc,Johnson Thomasa aComputer Science Department, Oklahoma State University, OK 74106, USA bSchool of Computer Science and Engineering,Chung-Ang University, Seoul, Republic of Korea Department of Computer Science, Babes-Bolyai University, Cluj-Napoca 3400,RomaniaReceived 28 June 2005; accepted 28 June 2005

Piatetsky-Shapiro, G. (1991), Discovery, analysis, and presentation of strong rules, in G. Piatetsky-Shapiro & W. J. Frawley, eds, ‘Knowledge Discovery in Databases’, AAAI/MIT Press, Cambridge, MA.

R. Agrawal; T. Imielinski; A. Swami: Mining Association Rules Between Sets of Items in Large Databases", SIGMOD Conference 1993: 207-216

Intrusion Detection System using Data mining Techniques Sanket Patle 07305034,Raviraj Vaishampayan 07305040 Kumar Avinav Dubey 07305044,Ganesh Wagle 7305805under the guidance of Prof. Bernard L. Menezesection IIT Bombay Department of Computer Science and Engineering Indian Institute of Technology, Bombay Nov 2007

Text Book of Data mining Techniques by Arun K PujariUniversities Press (India) Private Limited.

Intoduction to hierarchical clustering, A tutorial on clusteringA Tutorial on Clustering Algorithms ... Hierarchical Clustering - Interactive demo. This applet requires Java Runtime ... Back to Hierarchicalclustering home.dei.polimit. matteucc clustering tutorial ApplettH.html

IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 19, NO. 3, MARCH 2007K-Means+ID3: A Novel Method for Supervised Anomaly Detection by Cascading K-Means Clustering and ID3 Decision Tree Learning MethodsShekhar R. Gaddam,Vir V. Phoha, Senior Member, IEEE, and Kiran S. Balagani

Karl-Heinrich Anders, A Hierarchical Graph-Clustering Approach to find Groups of Objects, IEEE

Clustering Techniques – Analysis, Comparative Study and Emergence of New Problem Domain,Rishi Sayal Professor, Department of Computer Science and Engineering, Guru Nanak Engineering College, Hyderabad.Rishi_vps@yahoo.com P. Harsha Assistant Professor, Department of Computer Science and Engineering, Guru Nanak Engineering College, Hyderabad harsha.renu@gmail.com ,D. Durga Bhavani Associate Professor, Department of Computer Science and Engineering, Guru Nanak Engineering College, Hyderabaddurgapremi@yahoo.com

Intrusion Detection Systems An intrusion detection system is used to detect several types of. Intrusion detection system evasion techniques bypass detection by creating different states on the IDS and ... The Network anomaly detection and intrusion reporter (NADIR), ... The Audit data analysis and mining (ADAM) IDS in 2001 used tcpdump to ...

Learning intrusion detection: supervised or unsupervised? Pavel Laskov,Patrick D¨ussel, Christin Sch¨afer and Konrad Rieck Fraunhofer-FIRST.IDA,Kekul´estr. 7, 12489 Berlin, Germany {laskov,duessel,christin,rieck}@first.fhg.de

An Implementation of ID3 --- Decision Tree Learning Algorithm Wei Peng, Juhua Chen and Haiping Zhou Project of Comp 9417: Machine Learning University of New South Wales, School of Computer Science & Engineering, Sydney, NSW 2032, Australia