Title :
Anomaly Detection in Computer Networks Using Dissimilarity-Based One-Class Classifiers
Author :
Ma, Jun ; Dai, Guanzhong
Author_Institution :
Northwestern Polytech. Univ., Xian
Abstract :
Anomaly detection in computer networks tries to detect traffic deviation from the normal model. Traditionally, feature-based one-class classifiers are the main components of anomaly detection systems. The performance of this anomaly detection system largely depends on the result of the feature selection. dissimilarity representations describe an object by its dissimilarities to a set of target class. The dissimilarity-based one-class classifiers (DBOCCs) are constructed on dissimilarity representations. Redundancy and relativity of the features cast little influence on the performance of DBOCCs. This paper proposes anomaly detection using DBOCCs with unsupervised learning approach. Several combinations of DBOCCs scheme have also been used. The experimental results on KDDCUP´99 dataset shows that DBOCCs can achieve high detection rate and low false positive without large degeneration in performance as traditional feature-based classifiers suffered when different feature subsets have been used.
Keywords :
computer networks; learning (artificial intelligence); security of data; telecommunication traffic; anomaly detection systems; computer networks; dissimilarity representations; dissimilarity-based one-class classifiers; traffic deviation detection; unsupervised learning; Application software; Classification algorithms; Computer networks; Constitution; Intelligent networks; Intelligent systems; Intrusion detection; Telecommunication traffic; Traffic control; Unsupervised learning;
Conference_Titel :
Intelligent Systems Design and Applications, 2008. ISDA '08. Eighth International Conference on
Conference_Location :
Kaohsiung
Print_ISBN :
978-0-7695-3382-7
DOI :
10.1109/ISDA.2008.129
