Universiti Teknologi Malaysia Institutional Repository

Cooperative intrusion detection system (CIDS) in grid environment on unlabelled data

Dahlan, Dahliyusmanto and Abdullah, Abdul Hanan and Ismail, Abdul Samad and Witcha, Chimphlee and Ngadi, Md Asri and Abu Bakar, Kamalrulnizam (2007) Cooperative intrusion detection system (CIDS) in grid environment on unlabelled data. In: Postgraduate Annual Research Seminar (PARS '07), 2007, UTM.



Intrusions pose a serious security risk in a network environment. Intrusion detection in computer networks is a complex research problem. Applying intrusion detection to the fast-growing computational Grid environments improves security and is considered to be the heart of this new field. A flexible cooperative distributed intrusion detection architecture is introduced that suits and benefits from the underlying Grid environment. Intrusion detection techniques fall into two general categories, anomaly detection and signature recognition, each complementing the other. Anomaly intrusion detection normally has high false alarm rates, and a high volume of false alarms will prevent system administrators from identifying the real attacks. This paper presents a clustering-based anomaly intrusion detection algorithm which trains on unlabeled data in order to detect new intrusions. This work does not impose the strict assumption that the percentage of attacks has to be less than a certain threshold (e.g., 1.5%). It also does not label clusters by assuming that sparse-density clusters are attacks. We propose a new cluster labelling algorithm, called NMF (Normal Membership Factor), that is capable of increasing normal detection, which would be indicative of a decreased false positive rate. Our method is able to detect many different types of intrusions while maintaining a low false positive rate, as verified on the Knowledge Discovery and Data Mining (KDD) CUP 1999 dataset.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: grid environment, Cooperative intrusion detection system (CIDS)
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computer Science and Information System (Formerly known)
ID Code: 13871
Deposited By: Mrs Liza Porijo
Deposited On: 15 Aug 2011 05:54
Last Modified: 27 Sep 2017 13:08
