A hybrid unsupervised clustering-based anomaly detection method

Authors

Abstract

In recent years, machine learning-based cyber intrusion detection methods have gained increasing popularity. The number and complexity of new attacks continue to rise; therefore, effective and intelligent solutions are necessary. Unsupervised learning techniques are particularly appealing to intrusion detection systems since they can detect known and unknown types of attacks as well as zero-day attacks. In the current paper, we present an unsupervised anomaly detection method, which combines Sub-Space Clustering (SSC) and One Class Support Vector Machine (OCSVM) without any prior knowledge. The proposed approach is evaluated using the well-known NSL-KDD dataset. The experimental results demonstrate that our method performs better than some existing techniques.


Similar resources

A Clustering-Based Unsupervised Approach to Anomaly Intrusion Detection

In the present paper a 2-means clustering-based anomaly detection technique is proposed. The presented method parses the set of training data, consisting of normal and anomaly data, and separates the data into two clusters. Each cluster is represented by its centroid: one for the normal observations, and the other for the anomalies. The paper also provides appropriate methods for clustering, trai...


Unsupervised Clustering Approach for Network Anomaly Detection

This paper describes the advantages of using the anomaly detection approach over the misuse detection technique in detecting unknown network intrusions or attacks. It also investigates the performance of various clustering algorithms when applied to anomaly detection. Five different clustering algorithms: k-Means, improved k-Means, k-Medoids, EM clustering and distance-based outlier detection a...


Sub-Space Clustering, Inter-Clustering Results Association & Anomaly Correlation for Unsupervised Network Anomaly Detection

Network anomaly detection is a critical aspect of network management, for instance for QoS, security, etc. The continuous arising of new anomalies and attacks creates a continuous challenge to cope with events that put the network integrity at risk. Most network anomaly detection systems proposed so far employ a supervised strategy to accomplish the task, using either signature-based detection me...


360° Anomaly Based Unsupervised Intrusion Detection

This paper is meant as a reference to describe the research conducted at the Politecnico di Milano university on unsupervised learning for anomaly detection. We summarize our key results and our ongoing and future work, referencing our publications as well as the core literature of the field to give the interested reader a roadmap for exploring our research area.


Unsupervised Clustering Methods for Identifying Rare Events in Anomaly Detection

It is an important problem to increase the detection rates and reduce false positive rates in Intrusion Detection Systems (IDS). Although preventative techniques such as access control and authentication attempt to prevent intruders, these can fail, and as a second line of defence, intrusion detection has been introduced. Rare events are events that occur very infrequently, detection of rare event...


Journal

Journal title: Tsinghua Science & Technology

Year: 2021

ISSN: 1878-7606, 1007-0214

DOI: https://doi.org/10.26599/tst.2019.9010051