Anomaly detection, which is an important task in any Network Intrusion Detection System (NIDS), enables discovery of known as well as unknown attacks. Anomaly detection using an outlier approach is a successful network anomaly identification technique. In this paper, we describe NADO (Network Anomaly Detection using Outlier approach), an effective outlier-based approach for detecting anomalies in networks. It initially clusters the normal data using a variant of the k-means clustering technique for high-dimensional data. Then it calculates the reference point from each cluster and builds profiles for each cluster. Finally, it calculates the score for each candidate point with respect to the reference points and reports the point as an anomaly if its score exceeds a user-defined threshold value. We evaluate the performance of our approach with the KDDcup99 intrusion dataset and other real-life datasets. We show that NADO has a high detection rate and a low false positive rate.
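The cluster, reference point, score and threshold pipeline described above, as an added Python example that is not the authors' NADO code. Assumptions: plain Lloyd's k-means replaces the paper's k-means variant, each reference point is a cluster centroid, the profile is the mean member distance, and the score formula, sample vectors and threshold of 3.0 are constructed for illustration.

```python
import math

def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def nearest(p, refs):
    return min(range(len(refs)), key=lambda i: dist(p, refs[i]))

def kmeans(points, k, iters=50):
    # Assumption: plain Lloyd's k-means stands in for the paper's variant.
    # Deterministic seeding (evenly spaced samples) keeps the run repeatable.
    cents = [points[i * len(points) // k] for i in range(k)]
    for _ in range(iters):
        groups = [[] for _ in range(k)]
        for p in points:
            groups[nearest(p, cents)].append(p)
        new = [tuple(sum(c) / len(g) for c in zip(*g)) if g else cents[i]
               for i, g in enumerate(groups)]
        if new == cents:
            break
        cents = new
    return cents

def build_profiles(normal, k):
    # Assumed profile: (reference point = centroid, mean member distance).
    cents = kmeans(normal, k)
    profiles = []
    for i, c in enumerate(cents):
        members = [p for p in normal if nearest(p, cents) == i]
        if members:  # an empty cluster contributes no profile
            radius = sum(dist(p, c) for p in members) / len(members)
            profiles.append((c, max(radius, 1e-9)))  # avoid divide-by-zero
    return profiles

def score(x, profiles):
    # Assumed score: distance to a reference point in units of that
    # cluster's typical spread, minimised over all clusters.
    return min(dist(x, ref) / radius for ref, radius in profiles)

def flag(candidates, profiles, threshold):
    return [score(x, profiles) > threshold for x in candidates]

# Constructed, pre-scaled 2-feature vectors of attack-free traffic.
NORMAL = [(1.0, 1.0), (1.2, 0.9), (0.8, 1.1), (1.1, 1.2), (0.9, 0.8),
          (5.0, 5.0), (5.2, 4.9), (4.8, 5.1), (5.1, 5.2), (4.9, 4.8)]
CANDIDATES = [(1.1, 1.0), (3.0, 3.0), (5.3, 5.3)]

if __name__ == "__main__":
    profiles = build_profiles(NORMAL, k=2)
    for x, s in zip(CANDIDATES, (score(c, profiles) for c in CANDIDATES)):
        print(x, round(s, 2), "ANOMALY" if s > 3.0 else "normal")
```

Because the profiles are built only from attack-free data, a candidate is flagged for being far from every normal cluster, which is why unknown attacks can be caught without a signature.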