Abstract
An intrusion detection algorithm based on unsupervised clustering (UC) and support vector machine (SVM) is presented, combining the speed of UC with the high accuracy of SVM. The basic idea of the algorithm is to decide whether the SVM classifier is used or not by comparing the distances between the network packets and the cluster centers, so that the number of packets going through the SVM is reduced. Therefore, we can get a tradeoff between speed and accuracy in detection. The experiment uses the KDD99 data sets, and its results show that this approach can detect intrusions efficiently in network connections.
Supported by the National Natural Science Foundation of China (90104005, 90204011)
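The gating idea in the abstract can be sketched as follows. This is an added example, not the paper's algorithm or code: the cluster centres, the ratio-based gate rule (`GATE_RATIO`), the linear SVM weights and the sample records are all constructed assumptions, since the abstract does not give the actual distance criterion or features.

```python
import math

# Constructed 2-feature cluster centres (e.g. scaled duration, scaled byte count),
# each labelled with the majority class of its members. Not taken from the paper.
CENTRES = [((0.2, 0.2), "normal"), ((0.8, 0.8), "attack")]
# Constructed weights standing in for a trained linear SVM: f(x) = w.x + b.
SVM_W, SVM_B = (1.0, 1.0), -1.1
# Assumed gate rule: take the fast path if d_nearest <= GATE_RATIO * d_second.
GATE_RATIO = 0.5


def svm_predict(x):
    """Slow path: sign of the linear decision function."""
    score = sum(w * xi for w, xi in zip(SVM_W, x)) + SVM_B
    return "attack" if score > 0 else "normal"


def classify(x):
    """Return (label, path). Records clearly inside one cluster take that
    cluster's label; records between clusters are sent to the SVM."""
    ranked = sorted((math.dist(x, c), label) for c, label in CENTRES)
    (d1, label1), (d2, _) = ranked[0], ranked[1]
    if d1 <= GATE_RATIO * d2:
        return label1, "cluster"
    return svm_predict(x), "svm"


def run(records):
    """Classify a batch and count how many records reached the SVM."""
    results = [classify(r) for r in records]
    svm_calls = sum(1 for _, path in results if path == "svm")
    return results, svm_calls


# Constructed sample records: four clear-cut, two near the cluster boundary.
SAMPLE = [(0.15, 0.25), (0.85, 0.75), (0.25, 0.1),
          (0.5, 0.55), (0.55, 0.6), (0.9, 0.9)]

if __name__ == "__main__":
    results, svm_calls = run(SAMPLE)
    for rec, (label, path) in zip(SAMPLE, results):
        print(rec, label, path)
    print(f"{svm_calls}/{len(SAMPLE)} records went through the SVM")
```

Raising `GATE_RATIO` sends fewer records to the SVM (faster, more reliance on cluster labels); lowering it sends more (slower, more reliance on the SVM), which is the speed/accuracy tradeoff the abstract refers to.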
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Luo, M., Wang, L., Zhang, H., Chen, J. (2003). A Research on Intrusion Detection Based on Unsupervised Clustering and Support Vector Machine. In: Qing, S., Gollmann, D., Zhou, J. (eds) Information and Communications Security. ICICS 2003. Lecture Notes in Computer Science, vol 2836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39927-8_30
DOI: https://doi.org/10.1007/978-3-540-39927-8_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20150-2
Online ISBN: 978-3-540-39927-8
eBook Packages: Springer Book Archive