Unsupervised Learning: A Fusion of Rough Sets and Fuzzy Ants Clustering for Anomaly Detection System

Author

Srinoy, Surat ; Kurutach, Werasak

Author_Institution

Suan Dusit Rajabhat Univ., Bangkok

Volume

2

fYear

2006

fDate

8-11 Oct. 2006

Firstpage

1079

Lastpage

1084

Abstract

The Traditional intrusion detection systems (IDS) look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely "attack signature", resulting in false alarms. One main drawback is the inability of detecting new attacks which do not have known signatures. In this paper we propose an intrusion detection method that proposes rough set based feature selection heuristics and using fuzzy ants for clustering data. Rough set has to decrease the amount of data and get rid of redundancy. Fuzzy ants clustering methods allow objects to belong to several clusters simultaneously, with different degrees of membership. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999) dataset.

Keywords

data mining; fuzzy set theory; pattern clustering; rough set theory; security of data; unsupervised learning; anomaly detection system; data mining; fuzzy ant clustering; intrusion detection system; knowledge discovery; network traffic; rough set; unsupervised learning; Clustering methods; Computer networks; Cybernetics; Data security; Fuzzy sets; Fuzzy systems; Intrusion detection; Rough sets; Telecommunication traffic; Unsupervised learning;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Man and Cybernetics, 2006. SMC '06. IEEE International Conference on

Conference_Location

Taipei

Print_ISBN

1-4244-0099-6

Electronic_ISBN

1-4244-0100-3

Type

conf

DOI

10.1109/ICSMC.2006.384543

Filename

4273991