Matthew J. Bailey, Connor Collins, Matthew Sinda, Gongzhu Hu
Published in: 2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)
Publication date: 2017-06-26
DOI: 10.1109/SNPD.2017.8022786 (https://doi.org/10.1109/SNPD.2017.8022786)
Intrusion detection using clustering of network traffic flows
This paper investigates the continued need for intrusion detection systems (IDS) in computer networks. It explores some of the ways that data mining techniques can be used to improve IDS, and looks at how others have implemented those techniques. It then highlights a method for developing an intrusion detection model using DBSCAN clustering and presents the results of the clustering algorithm as applied to a real-world data set. Finally, the paper concludes that clustering as an intrusion detection technique produces accurate results, but that special considerations must be made both with regard to outliers and the type of traffic flowing across the network.