• DocumentCode
    3572191
  • Title

    An Unsupervised Network Intrusion Detection Based on Anomaly Analysis

  • Author

    Zhong, Jiang ; Deng, Xiongbing ; Wen, Luosheng ; Feng, Yong

  • Author_Institution
    Coll. of Comput. Sci. & Technol., Chongqing Univ., Chongqing, China
  • Volume
    2
  • fYear
    2009
  • Firstpage
    367
  • Lastpage
    370
  • Abstract
    In this paper, an novel unsupervised intrusion detection method is presented, in which the anomalies was specified by choosing a reference measure mu which determines a density and a level value rho. In order to reveal the relationship between the distribution of connection feature data sets and the reference measure mu, we proposed a new method to design SVM classifier based on RBF core, and apply this algorithm to estimate density level set for the data set, through which the anomaly network connections have been detected. Experimental results on the real network data set showed that the new method is competitive with others in that the false alarm rate is kept low without many missed detections.
  • Keywords
    computer network management; pattern classification; security of data; support vector machines; SVM classifier; anomaly analysis; anomaly network connection; connection feature data sets; density level set; reference measure; unsupervised network intrusion detection; Algorithm design and analysis; Computer networks; Density measurement; Educational institutions; Intelligent networks; Intrusion detection; Level set; Q measurement; Support vector machine classification; Support vector machines;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Computation Technology and Automation, 2009. ICICTA '09. Second International Conference on
  • Print_ISBN
    978-0-7695-3804-4
  • Type

    conf

  • DOI
    10.1109/ICICTA.2009.324
  • Filename
    5287923
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3572191