A Mixed Unsupervised Clustering-Based Intrusion Detection Model

Author

Zhang, Cuixiao ; Zhang, Guobing ; Sun, Shanshan

Author_Institution

Sch. of Comput. & Inf., Shijiazhuang Railway Inst., Shijiazhuang, China

fYear

2009

fDate

14-17 Oct. 2009

Firstpage

426

Lastpage

428

Abstract

Through analyzing the advantages and disadvantages between anomaly detection and misuse detection, a mixed intrusion detection system (IDS) model is designed. First, data is examined by the misuse detection module, then abnormal data detection is examined by anomaly detection module. In this model, the anomaly detection module is built using unsupervised clustering method, and the algorithm is an improved algorithm of K-means clustering algorithm and it is proved to have high detection rate in the anomaly detection module.

Keywords

pattern clustering; security of data; unsupervised learning; abnormal data detection; anomaly detection module; detection rate; intrusion detection system model; k-means clustering algorithm; misuse detection module; mixed unsupervised clustering-based intrusion detection model; Clustering algorithms; Clustering methods; Computer crime; Computer networks; Data security; Genetics; Information analysis; Information security; Intrusion detection; Sun; anomaly detection; clustering algorithm; intrusion detection model; unsupervised cluster;

fLanguage

English

Publisher

ieee

Conference_Titel

Genetic and Evolutionary Computing, 2009. WGEC '09. 3rd International Conference on

Conference_Location

Guilin

Print_ISBN

978-0-7695-3899-0

Type

conf

DOI

10.1109/WGEC.2009.72

Filename

5402859