Petrovic, SlovodanÁlvarez, GonzaloOrfila, AgustínCarbó Rubiera, Javier Ignacio2010-11-122010-11-122006-0139th Annual Hawaii International Conference on System Sciences, 2006. Proceedings. (HICSS’06), vol. 6, pág. 129b0-7695-2507-51530-1605https://hdl.handle.net/10016/9531Proceeding of the: 39th Annual Hawaii International Conference on System Sciences, 2006 (HICSS’06)A new clusters labelling strategy, which combines the computation of the Davies-Bouldin index of the clustering and the centroid diameters of the clusters is proposed for application in anomaly based intrusion detection systems (IDS). The aim of such a strategy is to detect compact clusters containing very similar vectors and these are highly likely to be attack vectors. Experimental results comparing the effectiveness of a multiple classifier IDS with such a labelling strategy and that of the classical cardinality labelling based IDS show that the proposed strategy behaves much better in a heavily attacked environment where massive attacks are present. The parameters of the labelling algorithm can be varied in order to adapt to the conditions in the monitored network.text/plainapplication/pdfeng© IEEEClusteringIDSIntrusion detectionconference paperInformática10.1109/HICSS.2006.247open access39th Annual Hawaii International Conference on System Sciences, 2006. Proceedings. (HICSS’06)6