An anomaly-based network intrusion detection system using ensemble clustering

Q3 Business, Management and Accounting
V. Jackins, D. Punithavathani
Journal: International Journal of Enterprise Network Management (volume: 9 1, pages: 251)
Publication date: 2018-09-13
Publication type: Journal Article
DOI: 10.1504/IJENM.2018.10015839 (https://doi.org/10.1504/IJENM.2018.10015839)
Citations: 4

Abstract

The numbers of hacking and intrusion incidents are high due to the increasing use of internet services and computer application. Therefore, intrusion detection systems (IDS) are inevitable in today's scenario (Koruba et al., 2017). In this paper, an unsupervised technique based on hybrid clustering algorithms is used for Anomaly detection. Incremental support vector machine (ISVM) and C means (FCM) algorithms are applied to preprocess the data set and detect the anomalies respectively. Further, the processed data is fed to the DBSCAN algorithm for further detection of anomalies. The results of the detection system are communicated to the intrusion prevention system (IPS). The proposed hybrid algorithm is applied for KDD Cup 1999 dataset and Gure Kdd Cup data base (2008) and the results show high detection rates and low false positive alarms. Further, the proposed technique performs well with a real time data in detecting anomalies with enhanced true positive rate.
Source journal
International Journal of Enterprise Network Management
Subject area: Business, Management and Accounting - Management of Technology and Innovation
CiteScore: 0.90
Self-citation rate: 0.00%
Articles published: 28