RT Conference Proceedings
T1 Labelling clusters in an intrusion detection system using a combination of clustering evaluation techniques
A1 Petrovic, Slovodan
A1 Álvarez, Gonzalo
A1 Orfila, Agustín
A1 Carbó Rubiera, Javier Ignacio
AB A new clusters labelling strategy, which combines the computation of the Davies-Bouldin index of the clustering and the centroid diameters of the clusters is proposed for application in anomaly based intrusion detection systems (IDS). The aim of such a strategy is to detect compact clusters containing very similar vectors and these are highly likely to be attack vectors. Experimental results comparing the effectiveness of a multiple classifier IDS with such a labelling strategy and that of the classical cardinality labelling based IDS show that the proposed strategy behaves much better in a heavily attacked environment where massive attacks are present. The parameters of the labelling algorithm can be varied in order to adapt to the conditions in the monitored network.
PB IEEE
SN 0-7695-2507-5
SN 1530-1605
YR 2006
FD 2006-01
LK https://hdl.handle.net/10016/9531
UL https://hdl.handle.net/10016/9531
LA eng
NO Proceeding of the: 39th Annual Hawaii International Conference on System Sciences, 2006 (HICSS’06)
DS e-Archivo
RD 30 jun. 2024