Anomaly detection based on unsupervised niche clustering with application to network intrusion detection

被引:29
|
作者
Leon, E [1 ]
Nasraoui, F [1 ]
Gomez, J [1 ]
机构
[1] Univ Memphis, Dept Elect & Comp Engn, Memphis, TN 38152 USA
来源
CEC2004: PROCEEDINGS OF THE 2004 CONGRESS ON EVOLUTIONARY COMPUTATION, VOLS 1 AND 2 | 2004年
关键词
D O I
10.1109/CEC.2004.1330898
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
We present a new approach to anomaly detection based on the Unsupervised Niche Clustering (UNC). The UNC is a genetic niching technique for clustering that can handle noise, and is able to determine the number of clusters automatically. The UNC uses the normal samples for generating a profile of the normal space (clusters). Each cluster can later be characterized by a fuzzy membership function that follows a Gaussian shape defined by the evolved cluster centers and radii. The set of memberships are aggregated using a max-or fuzzy operator in order to determine the normalcy level of a data sample. Experiments on synthetic and real data sets, including a network intrusion detection data set, are performed and some results are analyzed and reported.
引用
收藏
页码:502 / 508
页数:7
相关论文
共 50 条
  • [21] A Mixed Unsupervised Clustering-based Intrusion Detection Model
    Zhang, Cuixiao
    Zhang, Guobing
    Sun, Shanshan
    [J]. THIRD INTERNATIONAL CONFERENCE ON GENETIC AND EVOLUTIONARY COMPUTING, 2009, : 426 - 428
  • [22] An improved unsupervised clustering-based intrusion detection method
    Hai, YJ
    Wu, Y
    Wang, GY
    [J]. Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, 2005, 5812 : 52 - 60
  • [23] A Clustering based Algorithm for Network Intrusion Detection
    Arya, K. V.
    Kumar, Hemant
    [J]. PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS, 2012, : 193 - 196
  • [24] Intrusion detection based on unsupervised clustering and simulated annealing (IDCSA)
    Zheng Hongying
    Liao Xiaofeng
    Ni Lin
    [J]. CHINESE JOURNAL OF ELECTRONICS, 2006, 15 (4A) : 960 - 962
  • [25] Fuzzy Clustering Based Anomaly Detection for Updating Intrusion Detection Signature Files
    Padath, Anish Abraham
    Endicott-Popovsky, Barbara
    [J]. JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2011, 6 (06): : 462 - 468
  • [26] Hybrid Intrusion Detection System using an Unsupervised method for Anomaly-based Detection
    Bhadauria, Saumya
    Mohanty, Tamanna
    [J]. 2021 IEEE INTERNATIONAL CONFERENCE ON ADVANCED NETWORKS AND TELECOMMUNICATIONS SYSTEMS (IEEE ANTS), 2021,
  • [27] Intrusion detection for high-speed railways based on unsupervised anomaly detection models
    Yao Wang
    Zujun Yu
    Liqiang Zhu
    [J]. Applied Intelligence, 2023, 53 : 8453 - 8466
  • [28] Intrusion detection for high-speed railways based on unsupervised anomaly detection models
    Wang, Yao
    Yu, Zujun
    Zhu, Liqiang
    [J]. APPLIED INTELLIGENCE, 2023, 53 (07) : 8453 - 8466
  • [29] Anomaly detection based Intrusion Detection
    Novikov, Dima
    Yampolskiy, Roman V.
    Reznik, Leon
    [J]. THIRD INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, PROCEEDINGS, 2006, : 420 - +
  • [30] A Graph-based Clustering Algorithm for Anomaly Intrusion Detection
    Zhou Mingqiang
    Huang Hui
    Wang Qian
    [J]. PROCEEDINGS OF 2012 7TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION, VOLS I-VI, 2012, : 1311 - 1314
12345