Anomaly-Based Intrusion Detection using Fuzzy Rough Clustering

Author

Chimphlee, Witcha ; Abdullah, Abdul Hanan ; Sap, Mohd Noor Md ; Srinoy, Surat ; Chimphlee, Siriporn

Author_Institution

Fac. of Sci. & Technol., Suan Dusit Rajabhat Univ.

Volume

1

fYear

2006

fDate

9-11 Nov. 2006

Firstpage

329

Lastpage

334

Abstract

It is an important issue for the security of network to detect new intrusion attack and also to increase the detection rates and reduce false positive rates in intrusion detection system (IDS). Anomaly intrusion detection focuses on modeling normal behaviors and identifying significant deviations, which could be novel attacks. The normal and the suspicious behavior in computer networks are hard to predict as the boundaries between them cannot be well defined. We apply the idea of the fuzzy rough c-means (FRCM) to clustering analysis. FRCM integrates the advantage of fuzzy set theory and rough set theory that the improved algorithm to network intrusion detection. The experimental results on dataset KDDCup99 show that our method outperforms the existing unsupervised intrusion detection methods

Keywords

computer networks; fuzzy set theory; pattern clustering; rough set theory; security of data; anomaly-based intrusion detection; computer networks; fuzzy rough c-means; fuzzy rough clustering; fuzzy set theory; intrusion attack; Clustering algorithms; Data security; Electronic mail; Fuzzy systems; Intrusion detection; Monitoring; Protection; Telecommunication traffic; Training data; Unsupervised learning;

fLanguage

English

Publisher

ieee

Conference_Titel

Hybrid Information Technology, 2006. ICHIT '06. International Conference on

Conference_Location

Cheju Island

Print_ISBN

0-7695-2674-8

Type

conf

DOI

10.1109/ICHIT.2006.253508

Filename

4021111