Title :
The Anomaly Detection by Using DBSCAN Clustering with Multiple Parameters
Author :
Thang, Tran Manh ; Kim, Juntae
Author_Institution :
Dept. of Comput. Eng., Dongguk Univ., Seoul, South Korea
Abstract :
DBSCAN is one of powerful density-based clustering algorithms for detecting outliers, but there are some difficulties in finding its parameters (epsilon and minpts). Currently, there is also no way to use DBSCAN with different parameters for different cluster when it is applied to anomaly detection when network traffic includes multiple traffic types with different characteristics. In this paper, we propose a new way of finding DBSCAN´s parameters and applying DBSCAN with those parameters. Each cluster may have different epsilon and minpts values in our algorithm. The algorithm is called DBSCAN-MP. We also propose a mechanism of updating normal behavior by updating size or creating new clusters when network environment is changing overtime. We evaluate proposed algorithm using the KDD Cup 1999 dataset. The result shows that the performance is improved compare to other clustering algorithms.
Keywords :
data mining; pattern clustering; security of data; DBSCAN clustering; KDD Cup 1999 dataset; anomaly detection; density-based clustering algorithms; epsilon values; minpts values; multiple parameters; multiple traffic types; network environment; network traffic; outlier detection; Clustering algorithms; Computer crime; Data mining; Merging; Partitioning algorithms; Training; Training data;
Conference_Titel :
Information Science and Applications (ICISA), 2011 International Conference on
Conference_Location :
Jeju Island
Print_ISBN :
978-1-4244-9222-0
Electronic_ISBN :
978-1-4244-9223-7
DOI :
10.1109/ICISA.2011.5772437
