Title :
Optimizing Fuzzy K-means for network anomaly detection using PSO
Author :
Ensafi, R. ; Dehghanzadeh, S. ; Mohammad, Rahim ; Akbarzadeh, T.
Author_Institution :
Ferdowsi Univ. of Mashhad, Mashhad
Date :
March 31 2008-April 4 2008
Abstract :
Intrusion detection has become an indispensable defense line in the information security infrastructure. The existing signature-based intrusion detection mechanisms are often not sufficient in detecting many types of attacks. K-means is a popular anomaly intrusion detection method to classify unlabeled data into different categories. However, it suffers from local convergence and high false alarms. In this paper, two soft computing techniques, fuzzy logic and swarm intelligence, are used to solve these problems. We propose the SFK-means approach, which inherits the advantages of K-means, Fuzzy K-means and Swarm K-means; simultaneously, we improve on their deficiencies. The main advantages of our SFK-means algorithm are solving the local convergence problem in Fuzzy K-means and the sharp boundary problem in Swarm K-means. The experimental results on the KDDCup99 dataset show that our proposed method can be effective in detecting various attacks.
Keywords :
computer networks; fuzzy logic; fuzzy set theory; particle swarm optimisation; security of data; telecommunication security; fuzzy k-means for network anomaly detection optimization; fuzzy logic; information security infrastructure; local convergence problem; particle swarm optimisation; sharp boundary problem; signature intrusion detection mechanism; swarm intelligence; Clustering algorithms; Computer networks; Convergence; Fuzzy logic; Information security; Intrusion detection; Machine learning; Particle swarm optimization; Pervasive computing; Phase detection;
Conference_Title :
Computer Systems and Applications, 2008. AICCSA 2008. IEEE/ACS International Conference on
Conference_Location :
Doha
Print_ISBN :
978-1-4244-1967-8
Electronic_ISBN :
978-1-4244-1968-5
DOI :
10.1109/AICCSA.2008.4493603