Applying kernel methods to anomaly based intrusion detection systems

2 Author(s)
Ali, K. ; David R. Cheriton Sch. of Comput. Sci., Univ. of Waterloo, Waterloo, ON, Canada ; Boutaba, R.

Intrusion detection systems constitute a crucial cornerstone in securing computer networks, especially after the recent advancements in attacking techniques. IDSes can be categorized according to the nature of detection into two major categories: signature-based and anomaly-based. In this paper we present KBIDS, a kernel-based method for an anomaly-based IDS that tries to cluster the training data to be able to classify the test data correctly. The method depends on the K-Means algorithm that is used for clustering. Our experiments show that the accuracy of detection of KBIDS increases exponentially with the number of clusters. However, the time taken to classify the given test data increases linearly with the number of clusters. It can be derived from the results that 16 clusters are sufficient to achieve an acceptable error rate while keeping the detection delay in bounds.

Published in:

Information Infrastructure Symposium, 2009. GIIS '09. Global

Date of Conference:

23-26 June 2009