Archivo Abierto Institucional de la Universidad Carlos III de Madrid: Labelling clusters in an intrusion detection system using a combination of clustering evaluation techniques

DSpace

e-Archivo

	Home

Browse
	Scientific Research
	Academic thesis
	Journals
	Digital collections
	Institutional Documentation
	Issue Date
	Author
	Title
	Subject

Login:
	My E-Archivo authorized users

	Help and guides
	Feedback

Archivo Abierto Institucional de la Universidad Carlos III de Madrid > Investigación > Departamentos > Departamento de Informática > Grupo de Seguridad de las Tecnologías de la Información y de las Comunicaciones > DI - SETI - Artículos en Congresos Internacionales >

Please use this identifier to cite or link to this item: http://hdl.handle.net/10016/9531

Google™ Scholar. Others By: Petrovic, Slovodan - Álvarez, Gonzalo - Orfila, Agustín - Carbó, Javier

Files in This Item:

labelling_2006.pdf

275,38 kB

Adobe PDF

formato pdf

Title:	Labelling clusters in an intrusion detection system using a combination of clustering evaluation techniques
Author(s):	Petrovic, Slovodan Álvarez, Gonzalo Orfila, Agustín Carbó, Javier
Publisher:	IEEE
Issued date:	Jan-2006
Citation:	39th Annual Hawaii International Conference on System Sciences, 2006. Proceedings. (HICSS’06), vol. 6, pág. 129b
URI:	http://hdl.handle.net/10016/9531
ISBN:	0-7695-2507-5
ISSN:	1530-1605
DOI:	http://dx.doi.org/10.1109/HICSS.2006.247
Description:	Proceeding of the: 39th Annual Hawaii International Conference on System Sciences, 2006 (HICSS’06)
Abstract:	A new clusters labelling strategy, which combines the computation of the Davies-Bouldin index of the clustering and the centroid diameters of the clusters is proposed for application in anomaly based intrusion detection systems (IDS). The aim of such a strategy is to detect compact clusters containing very similar vectors and these are highly likely to be attack vectors. Experimental results comparing the effectiveness of a multiple classifier IDS with such a labelling strategy and that of the classical cardinality labelling based IDS show that the proposed strategy behaves much better in a heavily attacked environment where massive attacks are present. The parameters of the labelling algorithm can be varied in order to adapt to the conditions in the monitored network.
Review:	PeerReviewed
Publisher version:	http://dx.doi.org/10.1109/HICSS.2006.247
Keywords:	Clustering IDS Intrusion detection
Rights:	© IEEE
Appears in Collections:	DI - SETI - Capítulos de Monografías DI - SETI - Artículos en Congresos Internacionales

Items in E-Archivo are protected by copyright, with all rights reserved, unless otherwise indicated.

© Universidad Carlos III de Madrid - Software DSpace - Terms of use - Feedback