Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques

Kauai, Hawaii January 04-January 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/HICSS.2006.247

Proceedings of the 39th Annual Hawaii ...

	This Article
	PURCHASE ARTICLE: $0 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Slobodan Petrović Articles by Gonzalo Álvarez Articles by Agustín Orfila Articles by Javier Carbó

	ASCII Text	x
	Slobodan Petrović, Gonzalo Álvarez, Agustín Orfila, Javier Carbó, "Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques," Hawaii International Conference on System Sciences, vol. 6, pp. 129b, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Track 6, 2006.

	BibTex	x
	@article{ 10.1109/HICSS.2006.247, author = {Slobodan Petrović and Gonzalo Álvarez and Agustín Orfila and Javier Carbó}, title = {Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques}, journal ={Hawaii International Conference on System Sciences}, volume = {6}, year = {2006}, issn = {1530-1605}, pages = {129b}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2006.247}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Hawaii International Conference on System Sciences TI - Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques SN - 1530-1605 SP EP A1 - Slobodan Petrović, A1 - Gonzalo Álvarez, A1 - Agustín Orfila, A1 - Javier Carbó, PY - 2006 KW - null VL - 6 JA - Hawaii International Conference on System Sciences ER -

Slobodan Petrović, Gjøvik University College

Gonzalo Álvarez, Institute of Applied Physics

Agustín Orfila, Carlos III University of Madrid

Javier Carbó, Carlos III University of Madrid

A new clusters labelling strategy, which combines the computation of the Davies-Bouldin index of the clustering and the centroid diameters of the clusters is proposed for application in anomaly based intrusion detection systems (IDS). The aim of such a strategy is to detect compact clusters containing very similar vectors and these are highly likely to be attack vectors. Experimental results comparing the effectiveness of a multiple classifier IDS with such a labelling strategy and that of the classical cardinality labelling based IDS show that the proposed strategy behaves much better in a heavily attacked environment where massive attacks are present. The parameters of the labelling algorithm can be varied in order to adapt to the conditions in the monitored network.

Citation:

Slobodan Petrović, Gonzalo Álvarez, Agustín Orfila, Javier Carbó, "Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques," hicss, vol. 6, pp.129b, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Track 6, 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.