Automatic subspace clustering of high dimensional data for data mining applications
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Accelerating exact k-means algorithms with geometric reasoning
KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
X-means: Extending K-means with Efficient Estimation of the Number of Clusters
ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
A Systematic Approach to Multi-Stage Network Attack Analysis
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Unsupervised anomaly detection in network intrusion detection using clusters
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Searching for open windows and unlocked doors: port scanning in large-scale commodity clusters
CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid - Volume 01
Scriptroute: a public internet measurement facility
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
An architecture for large scale Internet measurement
IEEE Communications Magazine
Unsupervised case memory organization: analysing computational time and soft computing capabilities
ECCBR'06 Proceedings of the 8th European conference on Advances in Case-Based Reasoning
Cohesion factors: improving the clustering capabilities of consensus
IDEAL'06 Proceedings of the 7th international conference on Intelligent Data Engineering and Automated Learning
Hi-index | 0.00 |
Security has become a main concern in corporate networks. In order to keep a network protected it is necessary to periodically perform security tests to control devices and services, and also identify possible vulnerabilities. Never two networks behave the same way; thus, results obtained from security tests may substantially differ from one to another. In this case, trying to manually find a behavior pattern for all networks becomes a difficult task. Unsupervised techniques can help security analysts finding certain devices patterns, and also help revealing hidden problems in network security. This paper proposes a solution based on unsupervised techniques to help security analysts handling all the information obtained from security tests in order to detect abnormal groups of devices or atypical system behaviors.