An Experimental Study on Instance Selection Schemes for Efficient Network Anomaly Detection

Authors:
Yang Li;Li Guo;Bin-Xing Fang;Xiang-Tao Liu; Lin-Qi
Affiliations:
China Mobile Research Institute, Beijing, China 100053 and Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China 100190;Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China 100190;Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China 100190;Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China 100190;University of Maryland, America 21226
Venue:
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Year:
2009

Citing 1
Cited 0

Network anomaly detection based on TCM-KNN algorithm

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Traditional researches on network anomaly detection have been solely focused on the detection algorithms, whereas an important issue that has not been well studied so far is the selection of normal training data for network anomaly detection algorithm, which is highly related to the detection performance and computational complexities. In this poster, we present two instance selection mechanism --- EFCM (Enhanced Fuzzy C-Means) as well asGA (Genetic Algorithm) for network anomaly detection algorithm, aiming at limiting the size of training dataset, thus reducing the computational cost of them, as well as boosting their detection performance. We report our experimental results on several classic network anomaly detection algorithms by using the network traffic trace collected from a real network environment.