Title :
Anomaly Detection Using Improved Hierarchy Clustering
Author :
Hu Liang ; Ren Wei-wu ; Ren Fei
Author_Institution :
Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun, China
Abstract :
Most anomaly detection methods can not be fit for the changing and complex network. High noise and updating normality profiles not in time will lead to high false alarm rate. In this paper, a new anomaly detection algorithm using improved hierarchy clustering, called ADIHC, is proposed in this paper. It applies an improved hierarchy clustering tree to organize clusters which are obtained by density-based partitioning method. We extend the clustering algorithm and apply branch and bound method for filtering noise. With the help of two advantages: filtering noise and updating normality profiles at any time, our algorithm is suitable for the changing and complex network. A series of experimental results on well known KDD Cup 1999 dataset indicate that ADIHC has superior performance of detection and meets more real-time requirements of intrusion detection system.
Keywords :
pattern clustering; security of data; tree searching; ADIHC algorithm; anomaly detection; branch-and-bound method; density based partitioning method; improved hierarchy clustering; Artificial intelligence; Clustering algorithms; Clustering methods; Complex networks; Computational intelligence; Computer science; Detection algorithms; Filtering algorithms; Intrusion detection; Partitioning algorithms; anomaly detecion; branch and bound; hierarchy clustering; normality profiles;
Conference_Titel :
Artificial Intelligence and Computational Intelligence, 2009. AICI '09. International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-3835-8
Electronic_ISBN :
978-0-7695-3816-7
DOI :
10.1109/AICI.2009.239
