DocumentCode :
2881645
Title :
Applying fuzzy data mining to network unsupervised anomaly detection
Author :
Xiang, Gao ; Min, Wang ; Rongchun, Zhao
Author_Institution :
Sch. of Comput., Northwestern Polytech Univ., Xi'an, China
Volume :
2
fYear :
2005
fDate :
12-14 Oct. 2005
Firstpage :
1296
Lastpage :
1300
Abstract :
Most current intrusion detection systems employ signature-based methods or data mining-based methods which rely on labeled training data; however, in practice, this training data is typically expensive to produce. In contrast, unsupervised anomaly detection has great utility within the context of network intrusion detection systems. Such a system can work without the need for massive sets of pre-labeled training data and has the added versatility of being free of the overspecialization that comes with systems tailored for specific sets of attacks. Thus, with a system that seeks only to define and categorize normalcy, there is the potential to detect new types of network attacks without any prior knowledge of their existence. This paper discusses the creation of such a system that uses a fuzzy cluster algorithm to detect anomalies in network connections; we evaluate our method by performing experiments over network records from the KDD CUP99 data set.
Keywords :
computer networks; data mining; pattern clustering; security of data; KDD CUP99 data set; fuzzy cluster algorithm; fuzzy data mining; labeled training data; network connections; network intrusion detection system; network records; network unsupervised anomaly detection; signature-based methods; Clustering algorithms; Data engineering; Data mining; Fuzzy sets; Fuzzy systems; Intrusion detection; Military computing; Terrorism; Testing; Training data;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Communications and Information Technology, 2005. ISCIT 2005. IEEE International Symposium on
Print_ISBN :
0-7803-9538-7
Type :
conf
DOI :
10.1109/ISCIT.2005.1567105
Filename :
1567105