Study of Fast Clustering Algorithm Based on Foregone Samples in Intrusion Detections

Author

Liu Tao ; Hou Yuan-Bin ; Qi Ai-ling ; Chang Xin-Tan

Author_Institution

Safe Technol. Inst., Xi´an Univ. of Sci. & Technol., Xi´an

Volume

1

fYear

2009

fDate

25-26 April 2009

Firstpage

633

Lastpage

636

Abstract

A fast clustering algorithm based on foregone samples for mixed data (FCABFS) in network anomaly detections technology is proposed in this paper. Original clustering center is exactly obtained by FCABFS through training foregone samples; Clustering center and non- similarity is calculated by separating objects. This algorithm solved problem of the higher false positive rate and the lower detection rate caused by using traditional clustering method with random selecting original clustering center and computing single attribute(continual or discrete) only in network anomaly detection. The experimental results compared with traditional clustering algorithm show that the detection rate is promoted 30%, and the false positive rate is diminished 25%. This algorithm can also obtain detections to new type attack through the method of unsupervised learning.

Keywords

pattern clustering; security of data; telecommunication security; unsupervised learning; K-means clustering algorithm; foregone sample training; intrusion detection; network anomaly detection technology; unsupervised learning; Clustering algorithms; Clustering methods; Computer networks; Computer science; Computer security; Control engineering; Intrusion detection; Partitioning algorithms; Unsupervised learning; Wireless communication; anomaly detection; clustering; intrusion detections; k-means;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on

Conference_Location

Wuhan, Hubei

Print_ISBN

978-1-4244-4223-2

Type

conf

DOI

10.1109/NSWCTC.2009.62

Filename

4908344