Skip to Main Content
Real-time detection is one of the most important issues in intrusion detection. When the network data is becoming huge and is of high dimensionality, real-time detection with high detection accuracy and low false alarm rate is challenging for previous methods. In order to handle this problem appropriately, we propose a novel anomaly detection model based on neighborhood preserving and branch and bound tree, named as ADM-NP. In this method, high-dimensional network data is mapped to a lower dimension space, reducing the complexity of computation in anomaly detection algorithm. Besides, since branch and bound tree is adopted, the KNN searching in anomaly detection algorithm becomes faster. Empirical studies based on KDD CUP 99 data set demonstrate the effectiveness of our method.