Intrusion detection in network flows based on an optimized clustering criterion

Cited by: 9
Authors
Karimpour, Jaber [1]
Lotfi, Shahriar [1]
Tajari Siahmarzkooh, Aliakbar [1]
Affiliations
[1] Univ Tabriz, Fac Math Sci, Dept Comp Sci, Tabriz, Iran
Keywords
Attack; DARPA data set; flow; graph clustering; intrusion detection;
DOI
10.3906/elk-1601-105
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Graph-based intrusion detection approaches consider the network as a graph and detect anomalies based on graph metrics. However, most of these approaches succumb to the cluster-based behavior of the anomalies. To resolve this problem in our study, we use flow and graph-clustering concepts to create a data set first. A new criterion related to the average weight of clusters is then defined and a model is proposed to detect attacks based on the above-mentioned criterion. Finally, the model is evaluated using a DARPA data set. Results show that the proposed approach detects the attacks with high accuracy relative to methods described in previous studies.
Pages: 1963 / 1975
Number of pages: 13
Related papers
50 items in total
  • [1] Intrusion Detection Using Clustering of Network Traffic Flows
    Bailey, Matthew
    Collins, Connor
    Sinda, Matthew
    Hu, Gongzhu
    2017 18TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNDP 2017), 2017, : 615 - 620
  • [2] CLUSTERING-BASED NETWORK INTRUSION DETECTION
    Zhong, Shi
    Khoshgoftaar, Taghi M.
    Seliya, Naeem
    INTERNATIONAL JOURNAL OF RELIABILITY QUALITY AND SAFETY ENGINEERING, 2007, 14 (02) : 169 - 187
  • [3] A Clustering based Algorithm for Network Intrusion Detection
    Arya, K. V.
    Kumar, Hemant
    PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS, 2012, : 193 - 196
  • [4] Optimized clustering for anomaly intrusion detection
    Oh, SH
    Lee, WS
    ADVANCES IN KNOWLEDGE DISCOVERY AND DATA MINING, 2003, 2637 : 576 - 581
  • [5] Intrusion Detection Based on PCA and Fuzzy Clustering optimized by CS
    Li, Zixuan
    Su, Yixin
    Han, Qihang
    2017 CHINESE AUTOMATION CONGRESS (CAC), 2017, : 6334 - 6339
  • [6] Intrusion detection method research based on optimized self-buildup clustering neural network
    Qiao, R
    Chen, B
    ICIA 2004: Proceedings of 2004 International Conference on Information Acquisition, 2004, : 144 - 146
  • [7] Clustering-Based Network Intrusion Detection System
    Fan, Chun-I
    Lai, Yen-Lin
    Shie, Cheng-Han
    2022 5TH IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (IEEE DSC 2022), 2022,
  • [8] Network intrusion detection based on artificial immune clustering
    Zhong, J. (zhongjiang@cqu.edu.cn), 1600, Binary Information Press, Flat F 8th Floor, Block 3, Tanner Garden, 18 Tanner Road, Hong Kong (10):
  • [9] Adaptive clustering for network intrusion detection
    Oldmeadow, J
    Ravinutala, S
    Leckie, C
    ADVANCES IN KNOWLEDGE DISCOVERY AND DATA MINING, PROCEEDINGS, 2004, 3056 : 255 - 259
  • [10] Network traffic clustering for intrusion detection
    Arina, Nikishova
    Irina, Ananina
    Evgeny, Ananin
    PROCEEDINGS OF THE IV INTERNATIONAL RESEARCH CONFERENCE INFORMATION TECHNOLOGIES IN SCIENCE, MANAGEMENT, SOCIAL SPHERE AND MEDICINE (ITSMSSM 2017), 2017, 72 : 252 - 256