A Malicious Traffic Detection Method Using X-means Clustering

Myoungji Han, Jihyuk Lim, Junyong Choi, Hyunjoon Kim, Jungjoo Seo, Cheol Yu, Sung-Ryul Kim, Kunsoo Park
2014 Journal of KIISE  
Malicious traffic, such as DDoS attacks and botnet communications, refers to traffic that is generated for the purpose of disturbing internet networks or harming certain networks, servers, or hosts. As malicious traffic has been constantly evolving in terms of both quality and quantity, there has been much research on fighting it. In this paper, we propose an effective malicious traffic detection method that exploits the X-means clustering algorithm. We also suggest how to analyze statistical characteristics of malicious traffic and how to define the metrics that are used when clustering. Finally, we verify the effectiveness of our method by experiments with two released traffic datasets.
doi:10.5626/jok.2014.41.9.617 fatcat:7r6f2q3korbirn7a5esvq7pzd4