Paper Title
Implementation Of Port Density Based Dynamic Clustering Algorithm On Honeynet Data
Abstract
Abstract– Intrusion detection system which are normally deployed in an organization to protect the network are working
based on pre-defined rule-sets known as signatures, thereby they will not be able to detect unknown attacks. With the
consideration of unknown attack detection, intrusion detection is becoming not useful to detect these kinds of attacks spreading
in the network and intrusion detection based attack detection is becoming a very challenging process. Honeynets are enabling
us in providing the deep understanding of attacks patterns which are bypassed by the network intrusion detection system. In
this paper, considering many problems in current traditional security resource applications and the consideration of the
research on Honeynet Technology, We have Implemented port Density Based Dynamic Clustering algorithm on attack data,
collected on Honeypots which infer the requirement of placing Honeypots in any organizational network. A categorization of
attack data such as Port-wise Distribution, top IP addresses are being presented which is helpful for any system and network
administrators to put control list in the network for blocking of those ports and IP addresses. In this research work, the live data
set of Honeypot with the port and IP Addresses are analyzed using clustering. The density based clustering approach is
implemented after cleaning of the data set. The experimental results shows that we have identified the anomalous traffic
targeted a specific port based on clustering.