Universiti Teknologi Malaysia Institutional Repository

Unsupervised Anomaly Detection with Unlabeled Data Using Clustering

Chimphlee, Witcha and Abdullah, Abdul Hanan and Md Sap, Mohd Noor (2005) Unsupervised Anomaly Detection with Unlabeled Data Using Clustering. In: Postgraduate Annual Research Seminar 2005.


Abstract

Intrusions pose a serious security risk in a network environment. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. Traditional anomaly detection algorithms require a set of purely normal data from which they train their model. We present a clustering-based intrusion detection algorithm, unsupervised anomaly detection, which trains on unlabeled data in order to detect new intrusions. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate as verified over the Knowledge Discovery and Data Mining - KDD CUP 1999 dataset.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Computer security, Anomaly detection, Unsupervised clustering, Outliers, Unlabeled data
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computer Science and Information System (Formerly known)
ID Code: 3356
Deposited By: Ms Haslina Hashim
Deposited On: 24 May 2007 00:29
Last Modified: 01 Jun 2010 03:09
