Y-means: A clustering method for intrusion detection

被引:0
|
作者
Guan, Y [1 ]
Ghorbani, AA [1 ]
Belacel, N [1 ]
机构
[1] Univ New Brunswick, Fac Comp Sci, Fredericton, NB E3B 5A3, Canada
来源
CCECE 2003: CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-3, PROCEEDINGS: TOWARD A CARING AND HUMANE TECHNOLOGY | 2003年
关键词
clustering; intrusion detection; K-means; outlier;
D O I
暂无
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
As the Internet spreads to each corner of the world, computers are exposed to miscellaneous intrusions from the World Wide Web. We need effective intrusion detection systems to protect our computers from these unauthorized or malicious actions. Traditional instance-based learning methods for Intrusion Detection can only detect known intrusions since these methods classify instances based on what they have learned They rarely detect the intrusions that they have not learned before. In this paper we present a clustering heuristic for intrusion detection, called Y-means. This proposed heuristic is based on the K-means algorithm and other related clustering algorithms. It overcomes two shortcomings of K-means: number of clusters dependency and degeneracy. The result of simulations run on the KDD-99 data set shows that Y-means is an effective method for partitioning large data space. A detection rate of 89.89% and a false alarm rate of 1.00% are achieved with Y-means.
引用
收藏
页码:1083 / 1086
页数:4
相关论文
共 50 条
  • [31] An improved unsupervised clustering-based intrusion detection method
    Hai, YJ
    Wu, Y
    Wang, GY
    Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, 2005, 5812 : 52 - 60
  • [32] A neighbor propagation clustering algorithm for intrusion detection
    Li Z.
    Li, Zheng (lizh_1981@163.com), 1600, International Information and Engineering Technology Association (34): : 331 - 336
  • [33] A supervised clustering algorithm for computer intrusion detection
    Li, XY
    Ye, N
    KNOWLEDGE AND INFORMATION SYSTEMS, 2005, 8 (04) : 498 - 509
  • [34] A supervised clustering algorithm for computer intrusion detection
    Xiangyang Li
    Nong Ye
    Knowledge and Information Systems, 2005, 8 : 498 - 509
  • [35] Network intrusion detection technology based on improved C-means clustering algorithm
    Wang, Yanjun
    Journal of Networks, 2013, 8 (11) : 2541 - 2547
  • [36] Application of Network Intrusion Detection Based on Fuzzy C-Means Clustering Algorithm
    Ren, Wuling
    Cao, Jinzhu
    Wu, Xianjie
    2009 THIRD INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY APPLICATION, VOL 3, PROCEEDINGS, 2009, : 19 - +
  • [37] A Weighted Support Vector Clustering Algorithm and its Application in Network Intrusion Detection
    Sun, Sheng
    Wang, YuanZhen
    PROCEEDINGS OF THE FIRST INTERNATIONAL WORKSHOP ON EDUCATION TECHNOLOGY AND COMPUTER SCIENCE, VOL I, 2009, : 352 - +
  • [38] An Intrusion Detection Method Based on Damped Window of Data Stream Clustering
    Li, Shengnan
    Zhou, Xiaofeng
    2017 NINTH INTERNATIONAL CONFERENCE ON INTELLIGENT HUMAN-MACHINE SYSTEMS AND CYBERNETICS (IHMSC 2017), VOL 1, 2017, : 211 - 214
  • [39] An intrusion detection method for internet of things based on suppressed fuzzy clustering
    Liu, Liqun
    Xu, Bing
    Zhang, Xiaoping
    Wu, Xianjun
    EURASIP JOURNAL ON WIRELESS COMMUNICATIONS AND NETWORKING, 2018,
  • [40] An adaptive intrusion detection algorithm based on clustering and kernel-method
    Lee, Hansung
    Chung, Yongwha
    Park, Daihee
    ADVANCES IN KNOWLEDGE DISCOVERY AND DATA MINING, PROCEEDINGS, 2006, 3918 : 603 - 610
12345