Online internet intrusion detection based on flow statistical characteristics

Intrusion detection is one of the most essential factors for security infrastructures in network environments, and it is widely used in detecting, identifying and tracking the intruders. Traditionally, the approach taken to find attacks is to inspect the contents of every packet. An alternative approach is to detect network applications based on flow statistics characteristics using machine learning. We propose online Internet intrusion detection based on flow statistical characteristics in this paper. Experiment results illustrate this method has high detection accuracy using Seeded-Kmeans clustering algorithm. It is noticeable that the statistics of the first 12 packets could detect online flow with high accuracy.