DocumentCode :
2823098
Title :
Anomaly Detection by Clustering in the Network
Author :
Guo, Feng ; Yang, Yingzhen ; Duan, Lian
Author_Institution :
Pervasive Comput. Lab., Zhejiang Univ., Hangzhou, China
fYear :
2009
fDate :
11-13 Dec. 2009
Firstpage :
1
Lastpage :
4
Abstract :
Intrusions impose serious security threat to network environment, so it is necessary to detect and cope with them. Many intrusion detection methods focus on signature detection, where models are built to recognize known attacks. However, signature detection, limited by its nature, cannot detect novel attacks. New intrusion types, of which detection systems may not even be aware, are difficult to detect. Anomaly detection focuses on modeling the normal behavior and identifying significant deviations, which could be novel attacks. In this paper we present a clustering algorithm to identify outliers. It performs clustering on feature vectors collected from the network and can automatically detect new types of intrusions without need of manual classification of training data. Experimental results show that our system achieves a satisfactory intrusions detection rate while keeping the false positive rate reasonably low.
Keywords :
computer network security; digital signatures; pattern clustering; anomaly detection; clustering algorithm; data training classification; intrusion detection methods; network clustering; signature detection; Cities and towns; Clustering algorithms; Computer network management; Computer science; Educational institutions; Environmental management; Event detection; Internet; Intrusion detection; Pervasive computing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computational Intelligence and Software Engineering, 2009. CiSE 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4507-3
Electronic_ISBN :
978-1-4244-4507-3
Type :
conf
DOI :
10.1109/CISE.2009.5363695
Filename :
5363695
Link To Document :
بازگشت