A Clustering-Based Unsupervised Approach to Anomaly Intrusion Detection
Authors
Evgeniya Nikolova, Veselina Jecheva
Corresponding Author
Evgeniya Nikolova
Available Online April 2013.
- DOI
- 10.2991/3ca-13.2013.51How to use a DOI?
- Keywords
- anomaly based IDS, 2-means clustering, Recall, Precision, F1 measure, Dunn index, Davies-Bouldin index
- Abstract
In the present paper a 2-means clustering-based anomaly detection technique is proposed. The presented method parses the set of training data, consisting of normal and anomaly data, and separates the data into two clusters. Each cluster is represented by its centroid - one of the normal observations, and the other - for the anomalies. The paper also provides appropriate methods for clustering, training and detection of attacks. The performance of the presented methodology is evaluated by the following methods: Recall, Precision and F1-measure. Measurements of performance are executed with Dunn index and Davies-Bouldin index.
- Copyright
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Evgeniya Nikolova AU - Veselina Jecheva PY - 2013/04 DA - 2013/04 TI - A Clustering-Based Unsupervised Approach to Anomaly Intrusion Detection BT - Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation PB - Atlantis Press SP - 202 EP - 205 SN - 1951-6851 UR - https://doi.org/10.2991/3ca-13.2013.51 DO - 10.2991/3ca-13.2013.51 ID - Nikolova2013/04 ER -