Clustering K-Means and DBSCAN for Network Traffic Anomaly Detection in Digital Islamic Community Systems

Authors

  • Muslim, Universitas Pembangunan Panca Budi
  • Nova Mayasari, Universitas Pembangunan Panca Budi
  • Wirda Fitriani, Universitas Pembangunan Panca Budi

Keywords:

Data Mining, Clustering, K-Means, DBSCAN, Network Anomaly, Islamic Digital Community

Abstract

The digital transformation era has accelerated the use of network-based systems in supporting various community activities, including those within Islamic organizations and institutions. The increasing complexity of network traffic presents challenges in identifying abnormal patterns that may indicate cyber threats or system disruptions. This study aims to implement and compare two clustering algorithms, K-Means and DBSCAN, for detecting network traffic anomalies in digital Islamic community systems. The dataset combines simulated traffic from Islamic digital platforms and the CICIDS2017 benchmark data. Through preprocessing, feature selection, and evaluation using the silhouette coefficient, this research analyzes the effectiveness of both algorithms in identifying anomalies. The experimental results indicate that DBSCAN performs better in detecting irregular traffic and outliers, while K-Means remains effective for structured and stable data patterns. These findings emphasize the potential of data mining techniques to enhance the security, reliability, and resilience of digital systems serving Muslim communities. The study provides a foundation for developing intelligent network monitoring tools for secure and sustainable Islamic digital ecosystems.
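The contrast the abstract reports can be reproduced on a small scale. The following is an added example, not code from the paper: pure-Python K-Means, DBSCAN and silhouette scoring run over constructed, already-scaled flow features. The feature values, k = 2, eps, min_pts and the choice to leave noise points out of the silhouette are all assumptions made for the illustration.

```python
from math import dist
# Constructed, pre-scaled flow features: two dense "normal" groups + 3 isolated flows.
NORMAL_A = [(0.1 * i, 0.1 * j) for i in range(4) for j in range(4)]
NORMAL_B = [(5 + 0.1 * i, 5 + 0.1 * j) for i in range(4) for j in range(4)]
OUTLIERS = [(2.5, 9.0), (9.0, 0.5), (-3.0, 6.0)]
FLOWS = NORMAL_A + NORMAL_B + OUTLIERS

def kmeans(pts, iters=50):
    """Lloyd's algorithm for k=2; deterministic init (first point, farthest point)."""
    cents = [pts[0], max(pts, key=lambda p: dist(p, pts[0]))]
    labels = None
    for _ in range(iters):
        new = [min(range(2), key=lambda c: dist(p, cents[c])) for p in pts]
        if new == labels:
            break
        labels = new
        for c in range(2):
            members = [p for p, lab in zip(pts, labels) if lab == c]
            if members:
                cents[c] = tuple(sum(v) / len(members) for v in zip(*members))
    return labels  # every flow gets a cluster, outliers included

def dbscan(pts, eps=0.5, min_pts=4):
    """Returns one label per point; -1 means noise (the anomaly candidates)."""
    nbrs = [[j for j, q in enumerate(pts) if dist(p, q) <= eps] for p in pts]
    labels, cluster = [-1] * len(pts), 0
    for i in range(len(pts)):
        if labels[i] != -1 or len(nbrs[i]) < min_pts:
            continue  # already clustered, or not a core point
        labels[i], queue = cluster, list(nbrs[i])
        while queue:
            j = queue.pop()
            if labels[j] == -1:
                labels[j] = cluster
                if len(nbrs[j]) >= min_pts:  # only core points expand the cluster
                    queue.extend(nbrs[j])
        cluster += 1
    return labels

def silhouette(pts, labels):
    """Mean silhouette over clustered points; noise (-1) is skipped (assumption)."""
    groups = {g: [p for p, m in zip(pts, labels) if m == g] for g in set(labels) - {-1}}
    scores = []
    for lab, members in groups.items():
        for p in members:
            a = sum(dist(p, q) for q in members) / max(len(members) - 1, 1)
            b = min(sum(dist(p, q) for q in g) / len(g) for m, g in groups.items() if m != lab)
            scores.append((b - a) / max(a, b))
    return sum(scores) / len(scores)
```

On this data K-Means absorbs the three isolated flows into the two normal clusters, which lowers its silhouette, while DBSCAN leaves them labelled -1 for an analyst to review.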

Published

2025-10-27