• Journal of Internet Computing and Services
    ISSN 2287-1136 (Online) / ISSN 1598-0170 (Print)
    http://jics.or.kr/

An Outlier Cluster Detection Technique for Real-time Network Intrusion Detection Systems


Jae-Young Chang, Jong-Myoung Park, Han-Joon Kim, Journal of Internet Computing and Services, Vol. 8, No. 6, pp. 43-54, Dec. 2007
Keywords: network intrusion system, outlier detection algorithm, density function

Abstract

Intrusion detection systems (IDS) have recently evolved by combining the signature-based detection approach with the anomaly detection approach. Although signature-based IDS tools that utilize machine learning algorithms have been commonly used, they only detect network intrusions with already known patterns. Ideal IDS tools should always keep the signature database of the detection system up to date. The system needs to generate signatures to detect new possible attacks while monitoring and analyzing incoming network data. In this paper, we propose a new outlier cluster detection algorithm with a density (or influence) function. Our method assumes that, in the context of network intrusion, an outlier is a kind of cluster with similar instances instead of a single object. Through extensive experiments using the KDD 1999 Cup Intrusion Detection dataset, we show that the proposed method outperforms the conventional outlier detection method using the Euclidean distance function, especially when attacks occur frequently.



Cite this article
[APA Style]
Jae-Young Chang, Jong-Myoung Park, & Han-Joon Kim (2007). An Outlier Cluster Detection Technique for Real-time Network Intrusion Detection Systems. Journal of Internet Computing and Services, 8(6), 43-54.

[IEEE Style]
J. Chang, J. Park and H. Kim, "An Outlier Cluster Detection Technique for Real-time Network Intrusion Detection Systems," Journal of Internet Computing and Services, vol. 8, no. 6, pp. 43-54, 2007.

[ACM Style]
Jae-Young Chang, Jong-Myoung Park, and Han-Joon Kim. 2007. An Outlier Cluster Detection Technique for Real-time Network Intrusion Detection Systems. Journal of Internet Computing and Services, 8, 6, (2007), 43-54.