Article code: 416754
Journal code: 681398
Publication year: 2006
English article: 13-page PDF
Full-text version: Free download
English title of the ISI article
Threshold-based clustering with merging and regularization in application to network intrusion detection
Related topics
Engineering and Basic Sciences > Computer Engineering > Computational Theory and Mathematics
English abstract

Signature-based intrusion detection systems look for known, suspicious patterns in the input data. In this paper we explore compression of labeled empirical data using threshold-based clustering with regularization. The main target of clustering is to compress training dataset to the limited number of signatures, and to minimize the number of comparisons that are necessary to determine the status of the input event as a result. Essentially, the process of clustering includes merging of the clusters which are close enough. As a consequence, we will reduce original dataset to the limited number of labeled centroids. In a complex with k-nearest-neighbor (kNN) method, this set of centroids may be used as a multi-class classifier. The experiments on the KDD-99 intrusion detection dataset have confirmed effectiveness of the above procedure.

Publisher
Database: Elsevier - ScienceDirect
Journal: Computational Statistics & Data Analysis - Volume 51, Issue 2, 15 November 2006, Pages 1184–1196