Title :
Reducing the Overlap among Hierarchical Clusters with a GA-Based Approach
Author_Institution :
Sch. of Inf., Beijing Forestry Univ., Beijing, China
Abstract :
Intrusion detection systems generally trigger a great number of alarms which often overwhelm their human operators. A kind of hierarchical clustering approach can help the operators to get a meaningful overview of the alarms by generating clusters one by one. But the clusters obtained generally overlap much, which makes the operators be likely to misunderstand what really happened in the network. We present an extension of the clustering approach using a genetic algorithm based upon a new kind of fitness heuristic. This heuristic "intelligently" guides the selection based upon feedback concerning the overlap among the clusters. Unlike the original approach that generates one cluster after another, our implementation generates all clusters at a time. The experiment results are quite encouraging, including that our approach can generate high-quality clusters, the overlap among which is greatly reduced.
Keywords :
genetic algorithms; pattern clustering; security of data; fitness heuristic; genetic algorithm; hierarchical clustering approach; intrusion detection system; overlap reduction; Approximation algorithms; Clustering algorithms; Computer networks; Feedback; Forestry; Genetic algorithms; Humans; Information science; Intrusion detection; Simulated annealing;
Conference_Titel :
Information Science and Engineering (ICISE), 2009 1st International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-4909-5
DOI :
10.1109/ICISE.2009.876
