An unsupervised anomaly detection approach using subtractive clustering and Hidden Markov Model

Cited by: 0

Authors
Yang, Chun [1]
Deng, Feiqi [1]
Yang, Haidong [1]
Affiliations
[1] S China Univ Technol, Coll Automat Sci & Engn, Guangzhou 510640, Guangdong, Peoples R China
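Keywords
subtractive clustering; Hidden Markov Model; feature selection; intrusion detection
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract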
Previous research in network intrusion detection systems (NIDS) has typically used misuse detection or supervised anomaly detection techniques. These techniques have difficulty detecting new types of attacks or cause high false positives in real network environments. Unsupervised anomaly detection can overcome the drawbacks of misuse detection and supervised anomaly detection. In this paper, normal-anomaly patterns are built over the network traffic dataset using subtractive clustering, and at the same time the built Hidden Markov Model (HMM) correlates the observation sequences and state transitions to predict the most probable intrusion state sequences. The proposed unsupervised anomaly detection approach is capable of reducing false positives by classifying intrusion sequences into different emergency levels. Experimental results using the KDDCup'99 dataset and Matlab are also reported.
Pages: 123 / 126
Page count: 4
Related papers
50 in total
  • [21] Unsupervised classification of music genre using hidden Markov model
    Shao, X
    Xu, CS
    Kankanhalli, MS
    2004 IEEE INTERNATIONAL CONFERENCE ON MULTIMEDIA AND EXP (ICME), VOLS 1-3, 2004, : 2023 - 2026
  • [22] A clustering approach for estimating parameters of a profile hidden Markov model
    Aghdam, Rosa
    Pezeshk, Hamid
    Malekpour, Seyed Amir
    Shemehsavar, Soudabeh
    Eslahchi, Changiz
    INTERNATIONAL JOURNAL OF DATA MINING AND BIOINFORMATICS, 2013, 8 (01) : 66 - 82
  • [23] Adaptive Hidden Markov Model With Anomaly States for Price Manipulation Detection
    Cao, Yi
    Li, Yuhua
    Coleman, Sonya
    Belatreche, Ammar
    McGinnity, Thomas Martin
    IEEE TRANSACTIONS ON NEURAL NETWORKS AND LEARNING SYSTEMS, 2015, 26 (02) : 318 - 330
  • [24] A protocol anomaly detection method based on optimized hidden Markov model
    Qiu Wei
    Yang Yingjie
    Wang Yongwei
    Chang Dexian
    Liu Jiang
    Hu Hao
    PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 1649 - 1657
  • [25] Unsupervised anomaly detection model combining total attributes clustering and feature attributes clustering
    Liu W.-G.
    Zhang Z.-L.
    Tiedao Xuebao/Journal of the China Railway Society, 2010, 32 (05) : 59 - 64
  • [26] Unsupervised multiscale focused objects detection using hidden Markov tree
    Ye, Z
    Lu, CC
    PROCEEDINGS OF THE 6TH JOINT CONFERENCE ON INFORMATION SCIENCES, 2002, : 812 - 815
  • [27] An Efficient Hidden Markov Model For Anomaly Detection In CAN Bus Networks
    Boumiza, Safa
    Braham, Rafik
    2019 27TH INTERNATIONAL CONFERENCE ON SOFTWARE, TELECOMMUNICATIONS AND COMPUTER NETWORKS (SOFTCOM), 2019, : 482 - 487
  • [28] Anomaly Detection Using Markov Chain Model
    Zheludev, Michael
    Nagradov, Evgeny
    2017 ELEVENTH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGIES (CSIT), 2017, : 177 - 181
  • [29] Multiuser Detection Using Hidden Markov Model
    Chen, Fangjiong
    Kwong, Sam
    IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, 2009, 58 (01) : 107 - 115
  • [30] Detection of machine failure: Hidden Markov Model approach
    Tai, Allen H.
    Ching, Wai-Ki
    Chan, L. Y.
    COMPUTERS & INDUSTRIAL ENGINEERING, 2009, 57 (02) : 608 - 619