Title :
An Unsupervised Classification Scheme Using PDDP Method for Network Intrusion Detection
Author :
Liu, Jifen ; Gao, Maoting
Author_Institution :
Dept. of Inf. & Comput. Sci., Shanghai Maritime Univ., Shanghai
Abstract :
This paper presents an unsupervised classification scheme for intrusion detection using principal divisive direction partitioning (PDDP). As an effective clustering method, PDDP is unusual in that it is divisive, as opposed to agglomerative, and operates by splitting clusters into two smaller sub-clusters repeatedly. The splits are not based on any distance or similarity measure. By introducing the idea of PDDP method to intrusion detection, the number of clusters is able to be determined automatically. PDDPC have two advantages, one is that the singular value decomposition (SVD) can be stopped at the first singular value/vector and this makes PDDPC significantly more computational advantages, the other is that no distance and similarity measure is needed to define. The results of the experiments with KDD CUP1999 data show that this scheme can improve the detection quality effectively. It achieves 99% in accuracy and outperforms the UnPCC method and the k-mean method.
Keywords :
pattern clustering; security of data; singular value decomposition; unsupervised learning; KDD CUP1999 data; PDDP; PDDP method for network; SVD; UnPCC method; effective clustering method; intrusion detection; k-mean method; principal divisive direction partitioning; singular value decomposition; unsupervised classification; Application software; Clustering algorithms; Clustering methods; Computer networks; Information technology; Intelligent networks; Intrusion detection; Matrix decomposition; Protection; Singular value decomposition; Classification; Clustering; Intrusion Detection; PDDP;
Conference_Titel :
Intelligent Information Technology Application, 2008. IITA '08. Second International Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3497-8
DOI :
10.1109/IITA.2008.505
