On dataset biases in a learning system with minimum a priori information for intrusion detection

Authors: H.G. Kayacik, A.N. Zincir-Heywood, M.I. Heywood

DOI: 10.1109/DNSR.2004.1344727

Keywords: Hierarchy (mathematics), Anomaly detection, Machine learning, Feature (machine learning), Data mining, Intrusion detection system, Knowledge-based systems, Artificial intelligence, A priori and a posteriori, Unsupervised learning, Computer science, Data-driven learning

Abstract: A critical design decision in the construction of intrusion detection systems is often the selection of features describing the characteristics of the data being learnt. Selecting features requires a priori or expert knowledge and may lead to the introduction of specific attack biases, intended or otherwise. To this end, summarized network connections from the DARPA 98 Lincoln Labs dataset are employed for training and testing a data-driven learning architecture. The architecture is composed of a hierarchy of self-organizing feature maps. Such a scheme is entirely unsupervised, thus the quality of the system is directly influenced by the dataset. The dataset is investigated through three different partitions: 10% KDD (default dataset); normal alone; 50/50 mix normal. Resulting appear to be competitive with alternative cluster based data-mining approaches.
