DocumentCode :
1819052
Title :
Applying KSE-test and K-means clustering towards scalable unsupervised intrusion detection
Author :
Jirachan, Thanachai ; Piromsopa, Krerk
Author_Institution :
Dept. of Comput. Eng., Chulalongkorn Univ., Bangkok, Thailand
fYear :
2015
fDate :
22-24 July 2015
Firstpage :
82
Lastpage :
87
Abstract :
We proposed a scalable outlier detection method to identify outliers in large datasets with a goal to create unsupervised intrusion detection. In our work, the strengths of the Kolmogorov-Smirnov test and the K-means clustering algorithm, both with linear time complexity, are combined to create fast outlier detection. While still maintaining a high detection rate and a low false alarm rate, our method can easily be parallelized for processing a large data set. The result is then applied with a predefined threshold in order to create efficient intrusion detection. We validated our method against the KDD'99 dataset. With appropriate values of the threshold and of K in the KSE test, the results showed a detection rate of up to 80% with false alarms less than 10%. While scaling linearly, the accuracy of our method is also improved from those of pure KSE-test-based methods.
Keywords :
computational complexity; pattern clustering; security of data; unsupervised learning; K-means clustering algorithm; KSE-test algorithm; Kolmogorov-Smirnov test algorithm; linear time complexity; predefined threshold; scalable outlier detection method; scalable unsupervised intrusion detection method; Accuracy; Algorithm design and analysis; Clustering algorithms; Computers; Intrusion detection; Time complexity; Anomaly detection; Clustering; Intrusion detection; Log analysis; Outlier Detection;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computer Science and Software Engineering (JCSSE), 2015 12th International Joint Conference on
Conference_Location :
Songkhla
Type :
conf
DOI :
10.1109/JCSSE.2015.7219775
Filename :
7219775