IEEE Transactions on Software Engineering - Special issue on computer security and privacy
An introduction to Kolmogorov complexity and its applications (2nd ed.)
An introduction to Kolmogorov complexity and its applications (2nd ed.)
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Prediction algorithms and confidence measures based on algorithmic randomness theory
Theoretical Computer Science - Natural computing
Transductive Confidence Machines for Pattern Recognition
ECML '02 Proceedings of the 13th European Conference on Machine Learning
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Detecting outliers using transduction and statistical testing
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Network anomaly detection based on TCM-KNN algorithm
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
On cluster validity for the fuzzy c-means model
IEEE Transactions on Fuzzy Systems
Abstracting audit data for lightweight intrusion detection
ICISS'10 Proceedings of the 6th international conference on Information systems security
IDS false alarm reduction using an instance selection KNN-memetic algorithm
International Journal of Metaheuristics
Hi-index | 0.00 |
Network anomaly detection is a classically difficult research topic in intrusion detection. However, existing research has been solely focused on the detection algorithm. An important issue that has not been well studied so far is the selection of normal training data for network anomaly detection algorithm, which is highly related to the detection performance and computational complexity. Based on our previous proposed TCM-KNN (Transductive Confidence Machines for K-Nearest Neighbors) anomaly detection method, which can detect anomalies with high detection rate and low false positive rate, we develop an instance selection mechanism for TCM-KNN based on EFCM (Extended Fuzzy C-Means) clustering algorithm in this paper, aiming at limiting the size of training dataset, thus reducing the computational cost of TCM-KNN and boosting its detection performance. We report the experimental results over real network traffic. The results demonstrate the instance selection method presented in this paper is effective for TCM-KNN and thus optimizing it as an effectively lightweight network anomaly detection scheme.