Clustering for Intrusion Detection: Network Scans as a Case of Study

Cited by: 0
Authors
Sanchez, Raul [1]
Herrero, Alvaro [1]
Corchado, Emilio [2]
Affiliations
[1] Univ Burgos, Dept Civil Engn, Spain C Francisco de Vitoria S-N, Burgos 09006, Spain
[2] Univ Salamanca, Dept Informat & Automat, Salamanca 37008, Spain
Source
INTERNATIONAL JOINT CONFERENCE CISIS'12 - ICEUTE'12 - SOCO'12 SPECIAL SESSIONS | 2013 / Vol. 189
Keywords
Network Intrusion Detection; Computational Intelligence; Exploratory Projection Pursuit; Clustering; Automatic Response; TRAFFIC DATA;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
MOVICAB-IDS has been previously proposed as a hybrid intelligent Intrusion Detection System (IDS). This ongoing research aims to be one step towards adding automatic response to this visualization-based IDS by means of clustering techniques. As a sample case study for the proposed clustering extension, it has been applied to the identification of different network scans. The aim is to check whether clustering and projection techniques could be compatible and consequently applied to a continuous network flow for intrusion detection. A comprehensive experimental study has been carried out on previously generated real-life data sets. Empirical results suggest that projection and clustering techniques could work in unison to enhance MOVICAB-IDS.
Pages: 33 / +
Page count: 3