The focus of Intrusion Detection System (IDS) is used to determine the computer usage and detect any malicious network traffic. These activities cannot be detected by conventional firewall. Various IDS have been developed using advanced detection approaches which is created by integrating different techniques which shown better detection performance than existing techniques. The major disadvantage of IDS is it often provides false report of malicious activities. Sometimes it also misses out major malicious threat or intrusion which is nothing but it (IDS) needs to extract more features for normal connections and needs more reasonable ways to detect the attack. This paper proposes a better representation namely, the cluster center and nearest neighbor (CANN) approaches. In this approach, we will measure and sum up the distance between each data and its cluster center. Initially the distance between data and cluster is measured and then the data and its nearest neighbor in same cluster is identified. This CANN classifier performs like k-Nearest Neighbor (k-NN) in identifying the defects and reduces false alarm also CANN provides efficient training and testing to find the defect.

Keywords: Intrusion Detection, Feature Representation, Cluster center, Nearest Neighbor. ;