Ismail, Abdul Samad (2008) Cooperative intrusion detection system (CIDS) in grid environment on unlabelled data. In: Proceedings of the 2008 High Performance Computing & Simulation Conference (HPCS08), 2008, Nicosia, Cyprus.
Intrusions pose a serious security risk in a network environment. The intrusion detection in computer networks is a complex research problem. Applying intrusion detection to the fast growing computational Grid environments improves the security and is considered to be the heart of this new field. Flexible cooperative distributed intrusion detection architecture is introduced that suits to and benefits from the underlying Grid environment. Intrusion detection techniques fall into two general categories: anomaly detection and signature recognition, with each one complements one other. Anomaly intrusion detection normally has high false alarm rates, and a high volume of false alarms will prevent system administrators from identifying the real attacks. This paper presents a clustering-based anomaly intrusion detection algorithm which trains on unlabeled data in order to detect new intrusions. This work does not make a strict hypothetical requirement with the percentage of attacks has to be less than a certain threshold (e.g.,~1.5%). It also does not label clusters by considering the sparse density is attacks. We propose a new labelling cluster algorithms, called NMF (Normal Membership Factor) that is capable of increasing normal detection which would be indicative of decrease false positive rate. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate as verified over the Knowledge Discovery and Data Mining-KDD CUP 1999 dataset.
|Item Type:||Conference or Workshop Item (Paper)|
|Uncontrolled Keywords:||anomaly detection, unsupervised clustering, unlabeled data, fuzzy clustering, grid environment|
|Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Divisions:||Computer Science and Information System (Formerly known)|
|Deposited By:||Liza Porijo|
|Last Modified:||13 Dec 2011 08:35|
Repository Staff Only: item control page