Unsupervised Sequential Information Bottleneck Clustering For Building Anomaly Based Network Intrusion Detection Model
نویسندگان
چکیده
In this paper we present a novel approach to unsupervised clustering in building an efficient anomaly based network intrusion detection model. The method is based on a recently introduced sequential information bottleneck (sIB) principle. KDDCup 1999 intrusion detection benchmark dataset is used for the experimentation of our proposed technique. The experimental results demonstrate that the proposed technique is more suitable in detecting network intrusions in terms of accuracy compared to other existing clustering algorithms.
منابع مشابه
Detecting Network Intrusions a Clustering Approach
With the increased usage of computer networks, security becomes a critical issue. Recently, data mining methods have gained lot of attention in addressing network security issues, including intrusion detection. Consequently, unsupervised learning methods have been given much importance for anomaly based network intrusion detection. In this paper, we investigate new clustering algorithms like fa...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملA Novel Classification via Clustering Method for Anomaly Based Network Intrusion Detection System
Intrusion detection in the internet is an active area of research. Intruders can be classified into two types, namely; external intruders who are unauthorized users of the computers they attack, and internal intruders, who have permission to access the system but with some restrictions. The aim of this paper is to present a methodology to recognize attacks during the normal activities in a syst...
متن کاملSub-Space Clustering, Inter-Clustering Results Association & Anomaly Correlation for Unsupervised Network Anomaly Detection
Network anomaly detection is a critical aspect of network management for instance for QoS, security, etc. The continuous arising of new anomalies and attacks create a continuous challenge to cope with events that put the network integrity at risk. Most network anomaly detection systems proposed so far employ a supervised strategy to accomplish the task, using either signature-based detection me...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009