An Efficient Fuzzy Clustering-Based Approach for Intrusion Detection

Source: arXiv

ABSTRACT: The need to increase accuracy in detecting sophisticated cyber attacks poses
a great challenge not only to the research community but also to corporations.
So far, many approaches have been proposed to cope with this threat. Among
them, data mining has made remarkable contributions to the intrusion
detection problem. However, the generalization ability of data mining-based
methods remains limited, and hence detecting sophisticated attacks remains a
tough task. In this vein, we present a novel method based on both clustering
and classification for developing an efficient intrusion detection system
(IDS). The key idea is to take useful information exploited from fuzzy
clustering into account for the process of building an IDS. To this aim, we
first present cornerstones to construct additional cluster features for a
training set. Then, we come up with an algorithm to generate an IDS based on
such cluster features and the original input features. Finally, we
experimentally prove that our method outperforms several well-known methods.
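
An added sketch of the idea in the abstract, not the paper's own code: fuzzy cluster memberships are appended to each record's original features before a classifier is built. It assumes fuzzy c-means as the clustering step, membership degrees as the cluster features, and a 1-nearest-neighbour classifier; the abstract names none of these, and the records are constructed.

```python
import math

# Constructed sample: (scaled feature vector, label); not data from the paper.
TRAIN = [([0.10, 0.20], "normal"), ([0.15, 0.10], "normal"), ([0.20, 0.25], "normal"),
         ([0.80, 0.90], "attack"), ([0.85, 0.80], "attack"), ([0.90, 0.95], "attack")]

def memberships(p, centers, m=2.0):
    """Fuzzy c-means membership of point p in each cluster (sums to 1)."""
    dists = [math.dist(p, c) for c in centers]
    if 0.0 in dists:  # p sits exactly on a center: full membership there
        hits = [1.0 if d == 0.0 else 0.0 for d in dists]
        return [h / sum(hits) for h in hits]
    inv = [d ** (-2.0 / (m - 1.0)) for d in dists]
    return [v / sum(inv) for v in inv]

def fuzzy_c_means(points, centers, m=2.0, iters=30):
    """Alternate membership and center updates; return the final centers."""
    n, dims = len(points), len(points[0])
    for _ in range(iters):
        u = [memberships(p, centers, m) for p in points]
        centers = [[sum(u[i][k] ** m * points[i][d] for i in range(n))
                    / sum(u[i][k] ** m for i in range(n))
                    for d in range(dims)]
                   for k in range(len(centers))]
    return centers

def augment(p, centers):
    """Original input features followed by the added cluster features."""
    return list(p) + memberships(p, centers)

def train(records):
    """Cluster the training points, then store each record in augmented form."""
    points = [x for x, _ in records]
    # Deterministic start (assumption): first and last training points.
    centers = fuzzy_c_means(points, [points[0], points[-1]])
    return centers, [(augment(x, centers), y) for x, y in records]

def classify(p, centers, model):
    """1-nearest-neighbour over original plus cluster features."""
    q = augment(p, centers)
    return min(model, key=lambda r: math.dist(q, r[0]))[1]

CENTERS, MODEL = train(TRAIN)
```

A new record is augmented with the same cluster centers learned from the training set before it is classified, so training and detection see the same feature space.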

  • Source
    ABSTRACT: The dramatic proliferation of sophisticated cyber attacks, in conjunction with the ever growing use of Internet-based services and applications, is nowadays becoming a great concern in any organization. Among many efficient security solutions proposed in the literature to deal with this evolving threat, ensemble approaches, a particular family of data mining, have proven very successful in designing high performance intrusion detection systems (IDSs) resting on the mutual combination of multiple classifiers. However, the strength of ensemble systems depends heavily on the methods to generate and combine individual classifiers (ensemble members). In this vein, we propose a novel design method to generate a robust ensemble-based IDS. In our approach, individual classifiers are built using both the input feature space and additional features exploited from k-means clustering. In addition, the ensemble combination is calculated based on the classification ability of individual classifiers on different local data regions defined in the form of k-means clustering. Experimental results prove that our solution is superior to several state-of-the-art methods.
    15th International Database Engineering and Applications Symposium (IDEAS 11), Lisbon, Portugal; 01/2011

Available from
Jun 6, 2014