DocumentCode :
3620832
Title :
Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques
Author :
S. Petrovic;G. Alvarez;A. Orfila;J. Carbo
Author_Institution :
Gjø
Volume :
6
fYear :
2006
fDate :
6/28/1905 12:00:00 AM
Abstract :
A new cluster labelling strategy, which combines the computation of the Davies-Bouldin index of the clustering and the centroid diameters of the clusters, is proposed for application in anomaly-based intrusion detection systems (IDS). The aim of such a strategy is to detect compact clusters containing very similar vectors, which are highly likely to be attack vectors. Experimental results comparing the effectiveness of a multiple-classifier IDS using such a labelling strategy with that of the classical cardinality-labelling-based IDS show that the proposed strategy behaves much better in a heavily attacked environment where massive attacks are present. The parameters of the labelling algorithm can be varied in order to adapt to the conditions in the monitored network.
Keywords :
"Labeling","Intrusion detection","Condition monitoring","Clustering algorithms","Computer science","Educational institutions","Physics computing","Computerized monitoring","Computer security","Data security"
Publisher :
IEEE
Conference_Titel :
System Sciences, 2006. HICSS '06. Proceedings of the 39th Annual Hawaii International Conference on
ISSN :
1530-1605
Print_ISBN :
0-7695-2507-5
Type :
conf
DOI :
10.1109/HICSS.2006.247
Filename :
1579550