Article ID: 554864
Journal: Decision Support Systems
Published Year: 2006
Pages: 15 Pages
File Type: PDF
Abstract

This paper presents a novel anomaly detection and clustering algorithm for network intrusion detection based on factor analysis and Mahalanobis distance. Factor analysis is used to uncover the latent structure of a set of variables. The Mahalanobis distance is used to determine the “similarity” of a set of values from an “unknown” sample to a set of values measured from a collection of “known” samples. By utilizing factor analysis and Mahalanobis distance, we developed an algorithm 1) to identify outliers based on a trained model, and 2) to cluster attacks by abnormal features.

Related Topics
Physical Sciences and Engineering > Computer Science > Information Systems