A clustering-based method for unsupervised intrusion detections

Authors:
ShengYi Jiang;Xiaoyu Song;Hui Wang;Jian-Jun Han;Qing-Hua Li
Affiliations:
School of Informatics, GuangDong University of Foreign Studies, 510420 Guangzhou, Guangdong, China;Electrical and Computer Engineering, Portland State University, Oregon, OR, USA;Communication Command College, 430010 Wuhan, Hubei, China;Computer School, Huazhong University of Science and Technology, 430074 Wuhan, Hubei, China;Computer School, Huazhong University of Science and Technology, 430074 Wuhan, Hubei, China
Venue:
Pattern Recognition Letters
Year:
2006

Citing 9
Cited 18

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Data clustering: a review

ACM Computing Surveys (CSUR)
On-line unsupervised outlier detection using finite mixtures with discounting learning algorithms

Proceedings of the sixth ACM SIGKDD international conference on Knowledge discovery and data mining
A framework for constructing features and models for intrusion detection systems

ACM Transactions on Information and System Security (TISSEC)
Discovering outlier filtering rules from unlabeled data: combining a supervised learner with an unsupervised learner

Proceedings of the seventh ACM SIGKDD international conference on Knowledge discovery and data mining
Squeezer: an efficient algorithm for clustering categorical data

Journal of Computer Science and Technology
Anomaly Detection over Noisy Data using Learned Probability Distributions

ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
Outlier Detection Using Replicator Neural Networks

DaWaK 2000 Proceedings of the 4th International Conference on Data Warehousing and Knowledge Discovery
Clustering and classification algorithm for computer intrusion detection

Clustering and classification algorithm for computer intrusion detection

LDBOD: A novel local distribution based outlier detector

Pattern Recognition Letters
Locally linear reconstruction for instance-based learning

Pattern Recognition
Review: Intrusion detection by machine learning: A review

Expert Systems with Applications: An International Journal
Neural projection techniques for the visual inspection of network traffic

Neurocomputing
A Combination Classification Algorithm Based on Outlier Detection and C4.5

ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
An Outlier Detection Algorithm Based on Arbitrary Shape Clustering

ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
An approach to model building for accelerated cooling process using instance-based learning

Expert Systems with Applications: An International Journal
Outlier detection techniques for process mining applications

ISMIS'08 Proceedings of the 17th international conference on Foundations of intelligent systems
Framework of clustering-based outlier detection

FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 1
Approach based ensemble methods for better and faster intrusion detection

CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
On using prototype reduction schemes to optimize locally linear reconstruction methods

Pattern Recognition
An improved K-nearest-neighbor algorithm for text categorization

Expert Systems with Applications: An International Journal
A differentiated one-class classification method with applications to intrusion detection

Expert Systems with Applications: An International Journal
An unsupervised feature selection framework based on clustering

PAKDD'11 Proceedings of the 15th international conference on New Frontiers in Applied Data Mining
An effective unsupervised network anomaly detection method

Proceedings of the International Conference on Advances in Computing, Communications and Informatics
An evaluation of clustering technique over intrusion detection system

Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Advanced probabilistic approach for network intrusion forecasting and detection

Expert Systems with Applications: An International Journal
A generalized cluster centroid based classifier for text categorization

Information Processing and Management: an International Journal

Quantified Score

Hi-index	0.11

Visualization

Abstract

Detection of intrusion attacks is an important issue in network security. This paper considers the outlier factor of clusters for measuring the deviation degree of a cluster. A novel method is proposed to compute the cluster radius threshold. The data classification is performed by an improved nearest neighbor (INN) method. A powerful clustering-based method is presented for the unsupervised intrusion detection (CBUID). The time complexity of CBUID is linear with the size of dataset and the number of attributes. The experiments demonstrate that our method outperforms the existing methods in terms of accuracy and detecting unknown intrusions.