Universiti Teknologi Malaysia Institutional Repository

Anomaly detection of intrusion based on integration of rough sets and fuzzy c-means

Chimphlee, Witcha and Md. Sap, Mohd. Noor and Abdullah, Abdul Hanan and Chimphlee, Siriporn (2005) Anomaly detection of intrusion based on integration of rough sets and fuzzy c-means. Jurnal Teknologi Maklumat, 17 (2). pp. 1-14. ISSN 0128-3790

Official URL: http://portal.psz.utm.my/psz/index.php?option=com_...

Abstract

As malicious intrusions are a growing problem, we need a solution to detect intrusions accurately. Network administrators are continuously looking for new ways to protect their resources from harm, both internally and externally. Intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The number of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. The objective of this paper is to describe the rough sets and fuzzy c-means algorithms and discuss their use in detecting intrusions in a computer network. Fuzzy systems have demonstrated their ability to solve different kinds of problems in various application domains. We use rough sets to select a subset of input features for clustering, with the goal of increasing the detection rate and decreasing the false alarm rate in network intrusion detection. Fuzzy c-means allows objects to belong to several clusters simultaneously, with different degrees of membership. Experiments were performed with DARPA data sets, which contain information on computer networks during normal behavior and intrusive behavior.

Item Type: Article
Uncontrolled Keywords: anomaly detection, unsupervised clustering, rough set, fuzzy c-means, clustering
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computer Science and Information System (Formerly known)
ID Code: 8475
Deposited By: Ms Zalinda Shuratman
Deposited On: 04 May 2009 03:30
Last Modified: 02 Jun 2010 01:55