Using SOM Algorithms for developing a model for Intrusion Detection System: Knowledge management perspective

Crime discovery process in the criminal police includes mental patterns and implicit knowledge, which collected and obtained with the efforts of the officers and detectives during the time, and includes a wide range of knowledge and experience. Police to tackle this type of crime needs to learn vast skills and new technologies related to the cyber domain. Knowledge management is one of the requirements put forward to deal with cybercrimes and has the direct relationship with the policing. In this paper, an unsupervised machine learning using self-organizing map (SOM) was used to propose a model for Intrusion Detection System (IDS) with higher efficiency rate and low false positives and false negatives. The best results were generated when the number of clusters matches the number of data types in the data set.