Title :
An Unsupervised Network Intrusion Detection Based on Anomaly Analysis
Author :
Zhong, Jiang ; Deng, Xiongbing ; Wen, Luosheng ; Feng, Yong
Author_Institution :
Coll. of Comput. Sci. & Technol., Chongqing Univ., Chongqing, China
Abstract :
In this paper, an novel unsupervised intrusion detection method is presented, in which the anomalies was specified by choosing a reference measure mu which determines a density and a level value rho. In order to reveal the relationship between the distribution of connection feature data sets and the reference measure mu, we proposed a new method to design SVM classifier based on RBF core, and apply this algorithm to estimate density level set for the data set, through which the anomaly network connections have been detected. Experimental results on the real network data set showed that the new method is competitive with others in that the false alarm rate is kept low without many missed detections.
Keywords :
computer network management; pattern classification; security of data; support vector machines; SVM classifier; anomaly analysis; anomaly network connection; connection feature data sets; density level set; reference measure; unsupervised network intrusion detection; Algorithm design and analysis; Computer networks; Density measurement; Educational institutions; Intelligent networks; Intrusion detection; Level set; Q measurement; Support vector machine classification; Support vector machines;
Conference_Titel :
Intelligent Computation Technology and Automation, 2009. ICICTA '09. Second International Conference on
Print_ISBN :
978-0-7695-3804-4
DOI :
10.1109/ICICTA.2009.324
