K-means in IDS/IPS

Suyash garg
Aug 11, 2021

Introduction

In this article I am going to explain how companies use the k-means clustering algorithm to make their IDS/IPS more effective in real time, and how this relates to the method that we used previously.

K-means clustering

K-means is an unsupervised algorithm, which means we have only the data and do not know in advance what we can do with it. There are many ways to use such data. Take log data, for example: given a server log, we often do not know what kind of information we can extract from it. The reason is simple: the one who creates the application and the one who analyses its logs are two different persons (or teams).

This is why unsupervised learning has become very popular nowadays. We have been collecting data from many places for many years, but this data does nothing and just sits in storage. With the help of unsupervised learning we can find the hidden patterns in it.

If humans try to do this, it takes them many days and the result is still not perfect, whereas a computer can do the task very easily, and we can use the result for various things, such as predicting the future.

IDS/IPS

But how does the data we already have help make an IDS/IPS better? Simple: when an attack happens, it follows some kind of pattern, or its pattern is different from legitimate activity. We already store this information in the log files, but it is hidden. That is why we can use the k-means algorithm to find the hidden pattern in the data and use that pattern to block the attack.

Whenever a new attack appears, we can rebuild the model in real time so that it is always up to date with the latest attacks.
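The idea above, finding sources whose log pattern differs from legitimate traffic, as an added example that is not part of the original article. The feature choice, the sample values and the rule "a small cluster is suspicious" are assumptions made for illustration.

```python
import math

# Constructed per-source features from a web server log (not real data):
# (requests per minute, fraction of 401/403 responses, distinct URLs requested)
SAMPLES = {
    "10.0.0.11": (12, 0.02, 5), "10.0.0.12": (9, 0.00, 4),
    "10.0.0.13": (15, 0.05, 7), "10.0.0.14": (11, 0.01, 6),
    "10.0.0.15": (14, 0.03, 5), "10.0.0.16": (10, 0.04, 6),
    "203.0.113.7": (240, 0.91, 3),    # many failed logins, few URLs
    "203.0.113.9": (310, 0.60, 180),  # very many distinct URLs
}

def scale(rows):
    """Min-max scale each column to [0, 1] so no feature dominates the distance."""
    cols = list(zip(*rows))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return [tuple((v - a) / (b - a) if b > a else 0.0
                  for v, a, b in zip(row, lo, hi)) for row in rows]

def kmeans(points, k, iters=50):
    """Lloyd's algorithm with deterministic farthest-first initialisation."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(
            points, key=lambda p: min(math.dist(p, c) for c in centroids)))
    labels = []
    for _ in range(iters):
        labels = [min(range(k), key=lambda i: math.dist(p, centroids[i]))
                  for p in points]
        new = []
        for i in range(k):
            members = [p for p, lab in zip(points, labels) if lab == i]
            new.append(tuple(sum(x) / len(members) for x in zip(*members))
                       if members else centroids[i])
        if new == centroids:  # assignments are stable, stop early
            break
        centroids = new
    return labels

def suspicious_sources(samples, k=3, max_share=0.25):
    """Flag sources in clusters holding at most max_share of all sources."""
    ips = list(samples)
    labels = kmeans(scale([samples[ip] for ip in ips]), k)
    small = {lab for lab in set(labels)
             if labels.count(lab) / len(ips) <= max_share}
    return sorted(ip for ip, lab in zip(ips, labels) if lab in small)

if __name__ == "__main__":
    print(suspicious_sources(SAMPLES))
```

Re-running `suspicious_sources` on a fresh window of log data is what keeps the model current; the flagged sources are candidates for review or blocking, and `k` and `max_share` need tuning against real traffic.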

Conclusion

In this article I tried to explain what k-means clustering is and how we can use it to strengthen an IDS/IPS.

Contact Detail

LinkedIn [https://www.linkedin.com/in/suyash-garg-50245b1b7]
