Unsupervised Anomaly Detection Based on Clustering and Multiple One-Class SVM

Authors: Jungsuk SONG, Hiroki TAKAKURA, Yasuo OKABE, Yongjin KWON

DOI: 10.1587/TRANSCOM.E92.B.1981

Abstract: Intrusion detection system (IDS) has played an important role as a device to defend our networks from cyber attacks. However, since it is unable to detect unknown attacks, i.e., 0-day attacks, the ultimate challenge in the intrusion detection field is how we can exactly identify such an attack by an automated manner. Over the past few years, several studies on solving these problems have been made on anomaly detection using unsupervised learning techniques such as clustering, one-class support vector machine (SVM), etc. Although they enable one to construct intrusion detection models at low cost and effort, and have the capability to detect unforeseen attacks, they still have mainly two problems in intrusion detection: a low detection rate and a high false positive rate. In this paper, we propose a new anomaly detection method based on clustering and multiple one-class SVM in order to improve the detection rate while maintaining a low false positive rate. We evaluated our method using the KDD Cup 1999 data set. Evaluation results show that our approach outperforms the existing algorithms reported in the literature; especially of