Build Network Intrusion Detection System based on combination of Fractal Density Peak Clustering and Artificial Neural Network

Abstract

Imbalanced data poses a serious problem in intrusion detection systems. In this article, we propose a network intrusion detection system based on fractal density peak clustering and an artificial neural network (FD-ANN). The proposed detection system consists of three parts: data clustering based on the density-peak clustering (DPC) method, using the fractal concept as a membership weight of all data to the cluster, and a neural network to classify the data. The DPC method uses categorization of the tare data into subgroups with strongly correlated attributes to reduce the size of the training data and the imbalance of the sample. Each subgroup has its neural network to train the data. Based on fractal membership weights, the output of all classifiers of the sub-neural networks is combined using the aggregation function. The benchmarks of this model are based on the data sets NSL-KDD and UNSW-NB15. The proposed solution outperforms other known classification approaches in terms of overall accuracy, recall, precision, and F1 score.