Application of Clustering Techniques in a Network Security Testing System

Authors:
Guiomar Corral;Elisabet Golobardes;Oriol Andreu;Isard Serra;Elisabet Maluquer;Àngel Martínez
Affiliations:
Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...;Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...;Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...;Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...;Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...;Enginyeria i Arquitectura La Salle-Universitat Ramon Llull, Phone: 00 34 932902423 Fax: 00 34 93211100-c/Quatre Camins 2, 08022 Barcelona, {guiomar, elisabet, oandreu, iserra, emaluquer, angelm}@s ...
Venue:
Proceedings of the 2005 conference on Artificial Intelligence Research and Development
Year:
2005

Citing 8
Cited 2

Automatic subspace clustering of high dimensional data for data mining applications

SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Accelerating exact k-means algorithms with geometric reasoning

KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
X-means: Extending K-means with Efficient Estimation of the Number of Clusters

ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
A Systematic Approach to Multi-Stage Network Attack Analysis

IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Unsupervised anomaly detection in network intrusion detection using clusters

ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Searching for open windows and unlocked doors: port scanning in large-scale commodity clusters

CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid - Volume 01
Scriptroute: a public internet measurement facility

USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
An architecture for large scale Internet measurement

IEEE Communications Magazine

Unsupervised case memory organization: analysing computational time and soft computing capabilities

ECCBR'06 Proceedings of the 8th European conference on Advances in Case-Based Reasoning
Cohesion factors: improving the clustering capabilities of consensus

IDEAL'06 Proceedings of the 7th international conference on Intelligent Data Engineering and Automated Learning

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security has become a main concern in corporate networks. In order to keep a network protected it is necessary to periodically perform security tests to control devices and services, and also identify possible vulnerabilities. Never two networks behave the same way; thus, results obtained from security tests may substantially differ from one to another. In this case, trying to manually find a behavior pattern for all networks becomes a difficult task. Unsupervised techniques can help security analysts finding certain devices patterns, and also help revealing hidden problems in network security. This paper proposes a solution based on unsupervised techniques to help security analysts handling all the information obtained from security tests in order to detect abnormal groups of devices or atypical system behaviors.