An Effective Unsupervised Network Anomaly Detection Method

Cited by: 0
Authors
Bhuyan, Monowar H. [1]
Bhattacharyya, D. K. [1]
Kalita, J. K. [2]
Affiliations
[1] Tezpur Univ, Dept Comp Sci & Engn, Tezpur, Assam, India
[2] Univ Colorado Colorado Springs, Dept Comp Sci, Colorado Springs, CO 80918 USA
Funding
National Science Foundation (USA);
Keywords
Cluster; unsupervised; intrusion; cluster stability; ensemble; VALIDATION;
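DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract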
In this paper, we present an effective tree-based subspace clustering technique (TreeCLUS) for finding clusters in network intrusion data and for detecting unknown attacks without using any labelled traffic, signatures or training. To establish its effectiveness in finding all possible clusters, we perform a cluster stability analysis. We also introduce an effective cluster labelling technique (CLUSLab) to generate a labelled dataset based on the stable cluster set generated by TreeCLUS. CLUSLab is a multi-objective technique that exploits an ensemble approach for stability analysis of the clusters generated by TreeCLUS. We evaluate the performance of both TreeCLUS and CLUSLab on several real-world intrusion datasets to identify unknown attacks and find that both outperform the competing algorithms.
Pages: 533 / 539
Number of pages: 7
Related papers
50 in total
  • [1] Online and Scalable Unsupervised Network Anomaly Detection Method
    Dromard, Juliette
    Roudiere, Gilles
    Owezarski, Philippe
    [J]. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2017, 14 (01): : 34 - 47
  • [2] TOWARDS AN UNSUPERVISED METHOD FOR NETWORK ANOMALY DETECTION IN LARGE DATASETS
    Bhuyan, Monowar Hussain
    Bhattacharyya, Dhruba K.
    Kalita, Jugal K.
    [J]. COMPUTING AND INFORMATICS, 2014, 33 (01) : 1 - 34
  • [3] Unsupervised and Ensemble-based Anomaly Detection Method for Network Security
    Yang, Donghun
    Hwang, Myunggwon
    [J]. 2022-14TH INTERNATIONAL CONFERENCE ON KNOWLEDGE AND SMART TECHNOLOGY (KST 2022), 2022, : 75 - 79
  • [4] An Effective Distance-Computing Method for Network Anomaly Detection
    Zhou, Guo-Hui
    [J]. SECURITY TECHNOLOGY, 2011, 259 : 177 - 182
  • [5] Unsupervised Nonparametric Anomaly Detection: A Kernel Method
    Zou, Shaofeng
    Liang, Yingbin
    Poor, H. Vincent
    Shi, Xinghua
    [J]. 2014 52ND ANNUAL ALLERTON CONFERENCE ON COMMUNICATION, CONTROL, AND COMPUTING (ALLERTON), 2014, : 836 - 841
  • [6] Sequential Ensemble Method for Unsupervised Anomaly Detection
    Huy Van Nguyen
    Trung Thanh Nguyen
    Quang Uy Nguyen
    [J]. 2017 9TH INTERNATIONAL CONFERENCE ON KNOWLEDGE AND SYSTEMS ENGINEERING (KSE 2017), 2017, : 71 - 76
  • [7] Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection
    Zhang, Jiong
    Zulkernine, Mohammad
    [J]. 2006 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-12, 2006, : 2388 - 2393
  • [8] ENAD: An Ensemble Framework for Unsupervised Network Anomaly Detection
    Liao, Jingyi
    Teo, Sin G.
    Kundu, Partha Pratim
    Tram Truong-Huu
    [J]. PROCEEDINGS OF THE 2021 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2021, : 81 - 88
  • [9] Unsupervised network traffic anomaly detection with deep autoencoders
    Dutta, Vibekananda
    Pawlicki, Marek
    Kozik, Rafal
    Choras, Michal
    [J]. LOGIC JOURNAL OF THE IGPL, 2022, 30 (06) : 912 - 925
  • [10] An Unsupervised Network Intrusion Detection Based on Anomaly Analysis
    Zhong, Jiang
    Deng, Xiongbing
    Wen, Luosheng
    Feng, Yong
    [J]. ICICTA: 2009 SECOND INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION TECHNOLOGY AND AUTOMATION, VOL II, PROCEEDINGS, 2009, : 367 - +