By Topic

Research on Network anomaly Detection Based on Clustering and Classifier

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Hongyu Yang ; Tianjin Key Lab for Adv. Signal Process., Civil Aviation Univ. of China, Tianjin ; Feng Xie ; Yi Lu

In this paper, we propose a method to find the anomalous behaviors in network traffic. We map the network connection records into different feature spaces typically of high dimension according to their protocols and services. In training, we perform clustering to group training data points into clusters, from which we select some clusters as normal and known-attack profile according to a simple, but effect, criterion. For those training data excluded from the profile, we use them to build a specific classifier. The classifier has two distinct characteristics: one is that it regards each data point in the feature space with the limited influence scope, which is served as the decisive bounds of the classifier, and the other is that it has the "default" label to recognize those novel attacks. We present a novel classification algorithm, influence-based classification algorithm, to deal with ambiguous data. Our system is tested on the KDD Cup 1999 data. Results show that it is superior to other data mining based approaches in detection performance, especially in detection of PROBE and U2R attacks

Published in:

Computational Intelligence and Security, 2006 International Conference on  (Volume:1 )

Date of Conference:

Nov. 2006