A hybrid unsupervised clustering-based anomaly detection method
نویسندگان
چکیده
In recent years, machine learning-based cyber intrusion detection methods have gained increasing popularity. The number and complexity of new attacks continue to rise; therefore, effective intelligent solutions are necessary. Unsupervised learning techniques particularly appealing systems since they can detect known unknown types as well zero-day attacks. the current paper, we present an unsupervised anomaly method, which combines Sub-Space Clustering (SSC) One Class Support Vector Machine (OCSVM) without any prior knowledge. proposed approach is evaluated using well-known NSL-KDD dataset. experimental results demonstrate that our method performs better than some existing techniques.
منابع مشابه
A Clustering-Based Unsupervised Approach to Anomaly Intrusion Detection
In the present paper a 2-means clustering-based anomaly detection technique is proposed. The presented method parses the set of training data, consisting of normal and anomaly data, and separates the data into two clusters. Each cluster is represented by its centroid one of the normal observations, and the other for the anomalies. The paper also provides appropriate methods for clustering, trai...
متن کاملUnsupervised Clustering Approach for Network Anomaly Detection
This paper describes the advantages of using the anomaly detection approach over the misuse detection technique in detecting unknown network intrusions or attacks. It also investigates the performance of various clustering algorithms when applied to anomaly detection. Five different clustering algorithms: k-Means, improved k-Means, k-Medoids, EM clustering and distance-based outlier detection a...
متن کاملSub-Space Clustering, Inter-Clustering Results Association & Anomaly Correlation for Unsupervised Network Anomaly Detection
Network anomaly detection is a critical aspect of network management for instance for QoS, security, etc. The continuous arising of new anomalies and attacks create a continuous challenge to cope with events that put the network integrity at risk. Most network anomaly detection systems proposed so far employ a supervised strategy to accomplish the task, using either signature-based detection me...
متن کامل360◦ Anomaly Based Unsupervised Intrusion Detection
This paper is meant as a reference to describe the research conducted at the Politecnico di Milano university on unsupervised learning for anomaly detection. We summarize our key results and our ongoing and future work, referencing our publications as well as the core literature of the field to give the interested reader a roadmap for exploring our research area.
متن کاملUnsupervised Clustering Methods for Identifying Rare Events in Anomaly Detection
It is important problems to increase the detection rates and reduce false positive rates in Intrusion Detection System (IDS). Although preventative techniques such as access control and authentication attempt to prevent intruders, these can fail, and as a second line of defence, intrusion detection has been introduced. Rare events are events that occur very infrequently, detection of rare event...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Tsinghua Science & Technology
سال: 2021
ISSN: ['1878-7606', '1007-0214']
DOI: https://doi.org/10.26599/tst.2019.9010051