Title :
An Intrusion Detection System Based on the Clustering Ensemble
Author :
Weng, Fangfei ; Jiang, Qingshan ; Shi, Liang ; Wu, Nannan
Author_Institution :
Sch. of Software, Xiamen Univ., Xiamen
Abstract :
An intrusion detection system (IDS) is an important component of computer network security, and clustering analysis is a common unsupervised anomaly detection method. However, it is difficult for a single clustering algorithm to achieve highly effective detection, and intrusion attack data is normally anomalistic. This paper presents an unsupervised anomaly detection system based on a clustering ensemble. The system uses multiple runs of K-means to accumulate evidence, which avoids false classification of anomalistic data, and then uses single-link to construct a hierarchical clustering tree that yields the final clustering result, addressing the above problems. Finally, the KDD99 CUP test data is used to show that the system is highly effective. The system is also compared with another IDS based on a congeneric clustering algorithm to demonstrate its superiority.
Keywords :
pattern clustering; security of data; trees (mathematics); K-means clustering; anomalistic data classification; clustering analysis; clustering ensemble; computer network security; hierarchical clustering tree; intrusion attacks; intrusion detection system; unsupervised anomaly detection; Classification tree analysis; Clustering algorithms; Computer networks; Computer security; Data security; Detection algorithms; Flowcharts; Intrusion detection; Partitioning algorithms; System testing; Clustering Ensemble; Detection rate; Evidence Accumulation; False positive rate; Intrusion Detection;
Conference_Title :
Anti-counterfeiting, Security, Identification, 2007 IEEE International Workshop on
Conference_Location :
Xiamen, Fujian
Print_ISBN :
1-4244-1035-5
Electronic_ISBN :
1-4244-1035-5
DOI :
10.1109/IWASID.2007.373710