Title :
A cooperative network intrusion detection based on heterogeneous distance function clustering
Author :
Teng, Shaohua ; Du, Hongle ; Zhang, Wei ; Fu, Xiufen ; Li, Xiaocong
Author_Institution :
Faculty of computer Guangdong University of Technology, Guangzhou City, China
Abstract :
Because the network connection information contains nominal and linear attributes, and linear attributes are divided into continuous and discrete attributes, the network connection information is the heterogeneous data. The heterogeneous distance functions are used to cluster data in this paper. The cooperative network intrusion detection based on semi-supervised clustering algorithm is proposed. Firstly, the network data flows are divided into three data flows (TCP flow, UDP flow, and ICMP flow) according to network protocol and are sent to three detection agents. Then every detection agent constructs the detection model using the fuzzy c-means clustering algorithm based on the HVDM (Heterogeneous Value Difference Metric) distance. Finally, revise and verify the detection model by using test data. Simulation experiments are done by using KDD CUP 1999 data set, results show that the method presented here is feasible and efficient.
Keywords :
Cities and towns; Clustering algorithms; Collaborative work; Computer networks; Intrusion detection; Learning systems; Partitioning algorithms; Protection; Protocols; Testing; Cluster; Cooperative; Fuzzy C-Means Algorithm; Heterogeneous Distance Function; Intrusion Detection;
Conference_Titel :
Computer Supported Cooperative Work in Design (CSCWD), 2010 14th International Conference on
Conference_Location :
Shanghai, China
Print_ISBN :
978-1-4244-6763-1
DOI :
10.1109/CSCWD.2010.5471988
