Unsupervised anomaly detection in network intrusion detection using clusters

Authors: Christopher Leckie, Kingsly Leung

Keywords: Data mining, Cluster analysis, Pattern recognition, Data set, Computational complexity theory, Signature (logic), Network intrusion detection, Anomaly-based intrusion detection system, Computer science, Artificial intelligence, Training set, Anomaly detection

Abstract: Most current network intrusion detection systems employ signature-based methods or data mining-based which rely on labelled training data. This is typically expensive to produce. Moreover, these have difficulty in detecting new types of attack. Using unsupervised anomaly techniques, however, the system can be trained with unlabelled and capable previously "unseen" attacks. In this paper, we present a density-based grid-based clustering algorithm that suitable for detection. We evaluated our using 1999 KDD Cup set. Our evaluation shows accuracy approach close existing techniques reported literature, has several advantages terms computational complexity.
