An Intelligent Intrusion Detection and Response System Using Hybrid Ward Hierarchical Clustering Analysis

Author

Hooper, Emmanuel

Author_Institution

Univ. of London Royal Holloway, Egham

fYear

2007

fDate

26-28 April 2007

Firstpage

1187

Lastpage

1192

Abstract

Intelligent intrusion and detection strategies for reducing false positives and increasing detection within real network infrastructures has been a major challenge in information security. Current strategies often lack real network infrastructure detection and responses for distinguishing between benign traffic and complex attacks. This intelligent hybrid detection and response strategies distinguishes between real attack and normal traffic. This novel strategy consists of a hybrid statistical analysis involving Ward´s hierarchical clustering. This results of the hybrid statistical analysis is fed back to the IDS´ alert monitor to identify real attacks and isolate benign traffic. This intelligent detection and response strategy enhances the ability of the IDS to accurately detect and respond to subsequent threats and benign traffic in critical segments of real network infrastructures.

Keywords

knowledge based systems; security of data; statistical analysis; benign traffic; hybrid statistical analysis; hybrid ward hierarchical clustering analysis; information security; infrastructure detection; intelligent intrusion detection; normal traffic; response system; Clustering methods; Data mining; Information analysis; Information security; Intelligent networks; Intrusion detection; Learning systems; Performance analysis; Statistical analysis; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Multimedia and Ubiquitous Engineering, 2007. MUE '07. International Conference on

Conference_Location

Seoul

Print_ISBN

0-7695-2777-9

Type

conf

DOI

10.1109/MUE.2007.80

Filename

4197440