Clustering and Neural Visualization for Flow-Based Intrusion Detection

Cited by: 0
Authors
Sanchez, Raul [1]
Herrero, Alvaro [1]
Corchado, Emilio [2]
Affiliations
[1] Univ Burgos, Dept Civil Engn, Burgos 09006, Spain
[2] Univ Salamanca, Dept Informat & Automat, E-37008 Salamanca, Spain
Source
INTERNATIONAL JOINT CONFERENCE: CISIS'15 AND ICEUTE'15 | 2015 / Vol. 369
Keywords
Network intrusion detection; Network flow; Neural projection; Clustering; IDS; ALGORITHM;
DOI
10.1007/978-3-319-19713-5_29
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
To secure a system, potential threats must be identified and, therefore, attack features must be understood and predicted. The present work aims to be one step towards the proposal of an Intrusion Detection System (IDS) that faces zero-day attacks. To do that, MObile VIsualisation Connectionist Agent-Based IDS (MOVICAB-IDS), previously proposed as a hybrid-intelligent visualization-based IDS, is being upgraded by adding clustering methods. To check the validity of the proposed clustering extension, it faces a realistic flow-based dataset in the present paper. The analyzed data come from a honeypot directly connected to the Internet (thus ensuring attack exposure) and are analyzed by clustering and neural tools, individually and in conjunction. Through the experimental stage, it is shown that the combination of clustering and neural projection improves the detection capability on a continuous network flow.
Pages: 333-345
Number of pages: 13