| Abstract: | Anomaly detection is a technique that works to detect those instances of data that do not comply with the data model. In this paper the problem of anomaly detection in networked traffic data is considered, and a novel ensembled technique for anomaly detection is proposed. The proposed technique uses a combination of fuzzy K‐means clustering algorithm, extended Kalman filter, and support vector machines to detect the anomalies. In the proposed technique, fuzzy membership functions are used instead of crisp clusters to compute the best set of features by fuzzy k‐means algorithm. These features are then optimized with a nonlinear Bayesian approach known as extended Kalman filter. The resultant optimized set of features is then provided as an input to the support vector machine classifier that detects the network anomalies. The proposed technique is validated by using 2 benchmark datasets, ie, DARPA 1998 and KDD CUP 1999. Experimental results indicate that the proposed technique performs quite well as compared to its traditional counterparts in accuracy, detection rate, false positive rate, and F‐score. |
