Anomaly Detection in Network Security Based on Nonparametric Techniques

Author

Kim, Eunhye ; Kim, Sehun

Author_Institution

Dept. of Ind. Eng., Korea Adv. Inst. of Sci. & Technol., Daejeon

fYear

2006

fDate

23-29 April 2006

Firstpage

1

Lastpage

2

Abstract

In this paper, we propose a hybrid feature selection method in which Principal Components Analysis is combined with optimized k- Means clustering technique. Our approach hierarchically reduces the redundancy of features with high explanation in PCA for choosing a good subset of features critical to improve the performance of classifiers. Based on this result, we evaluate the performance of intrusion detection by using a nonparametric density estimation approach based on Parzen-Window and k-Nearest Neighbor classifiers over data sets with reduced features. The experiment with KDD Cup 1999 data set show several advantages in terms of computational complexity and our method achieves significant detection rate which shows possibility of detecting successfully attacks.

Keywords

principal component analysis; security of data; statistical analysis; telecommunication security; PCA; Parzen-Window classifiers; anomaly detection; hybrid feature selection method; intrusion detection; k- means clustering technique; k-nearest neighbor classifiers; network security; nonparametric density estimation; nonparametric techniques; principal components analysis; Algorithm design and analysis; Clustering algorithms; Data mining; Data security; Feature extraction; Intrusion detection; Kernel; Principal component analysis; Redundancy; Training data;

fLanguage

English

Publisher

ieee

Conference_Titel

INFOCOM 2006. 25th IEEE International Conference on Computer Communications. Proceedings

Conference_Location

Barcelona

ISSN

0743-166X

Print_ISBN

1-4244-0221-2

Type

conf

DOI

10.1109/INFOCOM.2006.76

Filename

4146729