Title :
Distributed intrusion detection based on clustering
Author :
Zhang, Yu-fang ; Xiong, Zhong-Yang ; Wang, Xiu-Qiong
Author_Institution :
Dept. of Comput. Sci., Chongqing Univ., China
Abstract :
The research on distributed intrusion detection system (DIDS) is a rapidly growing area of interest because the existence of centralized intrusion detection system (IDS) techniques is increasingly unable to protect the global distributed information infrastructure. Distributed analysis employed by agent-based DIDS is an accepted fabulous method. Clustering-based intrusion detection technique overcomes the drawbacks of relying on labeled training data which most current anomaly-based intrusion detection depend on. Clustering-based DIDS technique according to the advantages of two techniques is presented. For effectively choosing the attacks, twice clustering is employed: the first clustering is to choose the candidate anomalies at agent IDS and the second clustering is to choose the true attack at central IDS. At last, through experiment on the KDD CUP 1999 data records of network connections verified that the methods put forward is better.
Keywords :
data mining; learning (artificial intelligence); mobile agents; security of data; workstation clusters; KDD CUP 1999 data records; agent-based DIDS; clustering-based DIDS technique; distributed intrusion detection system; global distributed information infrastructure; Computer science; Data analysis; Data mining; Data security; Intrusion detection; Monitoring; Pattern analysis; Pattern recognition; Protection; Training data; Anomaly detection; Cluster; Data mining; Distributed intrusion Detection system; Intrusion detection;
Conference_Titel :
Machine Learning and Cybernetics, 2005. Proceedings of 2005 International Conference on
Conference_Location :
Guangzhou, China
Print_ISBN :
0-7803-9091-1
DOI :
10.1109/ICMLC.2005.1527342
