Mining Common Outliers for Intrusion Detection
Authors
Goverdhan Singh, INRIA, 2004 route des lucioles BP 93, FR-06902 Sophia Antipolis
Florent Masseglia, INRIA, 2004 route des lucioles BP 93, FR-06902 Sophia Antipolis
Céline Fiot, INRIA, 2004 route des lucioles BP 93, FR-06902 Sophia Antipolis
Alice Marascu, INRIA, 2004 route des lucioles BP 93, FR-06902 Sophia Antipolis
Pascal Poncelet, LIRMM UMR CNRS 5506, 161 Rue Ada, 34392 Montpellier Cedex 5, France
Abstract
Data mining for intrusion detection can be divided into several sub-topics, among which unsupervised clustering (which has controversial properties). Unsupervised clustering for intrusion detection aims to i) group behaviours together depending on their similarity and ii) detect groups containing only one (or very few) behaviour(s). Such isolated behaviours seem to deviate from the model of normality; therefore, they are considered as malicious. Obviously, not all atypical behaviours are attacks or intrusion attempts. This represents one drawback of intrusion detection methods based on clustering. We take into account the addition of a new feature to isolated behaviours before they are considered malicious. This feature is based on the possible repeated occurrences of the behaviour on many information systems. Based on this feature, we propose a new outlier mining method which we validate through a set of experiments.
Similar resources
Analyzing Outlier Detection Techniques with Hybrid Method
Nowadays, Outlier Detection is used in various fields such as Credit Card Fraud Detection, Cyber-Intrusion Detection, Medical Anomaly Detection, and Data Mining etc. So to detect anomaly objects from various types of dataset Outlier Detection techniques are used, that detect and remove the anomaly objects from the dataset. Outliers are the containments that divert from the other objects. Outli...
On detection of outliers and their effect in supervised classification
An outlier is an observation that deviates so much from other observations as to arouse suspicion that it was generated by a different mechanism (Hawkins, 1980). Outlier detection has many applications, such as data cleaning, fraud detection and network intrusion. The existence of outliers can indicate individuals or groups that have behavior very different from the most of the individuals of t...
A Meta analysis study of outlier detection methods in classification
An outlier is an observation that deviates so much from other observations as to arouse suspicion that it was generated by a different mechanism (Hawkins, 1980). Outlier detection has many applications, such as data cleaning, Fraud detection and network intrusion. The existence of outliers can indicate individuals or groups that have behavior very different to the most of the individuals of the...
An empirical study of the effect of outliers on the misclassification error rate
An outlier is an observation that deviates so much from other observations that it seems to have been generated by a different mechanism. Outlier detection has many applications, such as data cleaning, fraud detection and network intrusion. The existence of outliers can indicate individuals or groups that exhibit a behavior that is very different from most of the individuals of the data set. Fr...
Accelerating Outlier Detection with Uncertain Data Using Graphics Processors
Outlier detection (also known as anomaly detection) is a common data mining task in which data points that lie outside expected patterns in a given dataset are identified. This is useful in areas such as fault detection, intrusion detection and in pre-processing before further analysis. There are many approaches already in use for outlier detection, typically adapting other existing data mining...
Outlier Detection in Wireless Sensor Networks Using Distributed Principal Component Analysis
Detecting anomalies is an important challenge for intrusion detection and fault diagnosis in wireless sensor networks (WSNs). To address the problem of outlier detection in wireless sensor networks, in this paper we present a PCA-based centralized approach and a DPCA-based distributed energy-efficient approach for detecting outliers in sensed data in a WSN. The outliers in sensed data can be ca...