Abstract
Threats to computer networks are numerous and potentially devastating. Intrusion detection techniques provide protection to our data and track unauthorized access. Many algorithms and techniques have been proposed to improve the accuracy and minimize the false positive rate of the intrusion detection system (IDS). Statistical techniques, evolutionary techniques, and data mining techniques have also been used for this purpose. In this paper, we use a centroid-based technique for network intrusion detection in which the centroid is constructed on the basis of diversity. Diversity of a point is the sum of the distances from a point to all other points in a cluster. The point having minimum diversity is chosen as a centroid. The performance of diversity-based centroid shows significant improvement in the classification of intrusions. Experimental results on the KDDCup99 dataset demonstrate that the proposed method shows excellent performance in terms of accuracy, detection rate, and false positive rate.