A Research on Intrusion Detection Based on Unsupervised Clustering and Support Vector Machine

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2836)

Abstract

An intrusion detection algorithm based on unsupervised clustering (UC) and support vector machine (SVM) is presented, combining the fast speed of UC with the high accuracy of SVM. The basic idea of the algorithm is to decide whether or not the SVM classifier is used by comparing the distances between the network packets and the cluster centers, which reduces the number of packets that pass through the SVM. This yields a tradeoff between speed and accuracy in detection. The experiment uses the KDD99 data sets, and its results show that this approach can detect intrusions in network connections efficiently.
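The distance-gated two-stage idea in the abstract, as an added sketch that is not the paper's code. The gate direction (trust the cluster label within `RADIUS`, otherwise evaluate the classifier), the centres, the two scaled features, and all sample values are constructed assumptions, and a small linear hinge-loss classifier stands in for the SVM.

```python
import math

# Constructed cluster centres (feature vector, label), as if left by a prior
# unsupervised clustering pass over scaled connection features. Assumption.
CENTERS = [((0.15, 0.15), -1), ((0.85, 0.85), +1)]   # -1 normal, +1 attack
RADIUS = 0.2   # assumed gate: within this distance the cluster label is trusted

# Constructed labelled training set for the second-stage classifier.
TRAIN = [((0.1, 0.1), -1), ((0.5, 0.1), -1), ((0.1, 0.5), -1), ((0.2, 0.2), -1),
         ((0.9, 0.9), +1), ((0.5, 0.9), +1), ((0.9, 0.5), +1), ((0.8, 0.8), +1)]

def train_hinge(samples, lr=0.5, epochs=200):
    """Linear hinge-loss classifier (stand-in for the SVM), subgradient steps."""
    w, b = [0.0, 0.0], 0.0
    for _ in range(epochs):
        updated = False
        for x, y in samples:
            if y * (w[0] * x[0] + w[1] * x[1] + b) < 1:   # inside the margin
                w = [w[0] + lr * y * x[0], w[1] + lr * y * x[1]]
                b += lr * y
                updated = True
        if not updated:        # every sample has margin >= 1: converged
            break
    return w, b

def detect(packets, model):
    """Return ([(label, stage)], svm_calls) for a list of feature vectors."""
    w, b = model
    results, svm_calls = [], 0
    for p in packets:
        center, label = min(CENTERS, key=lambda c: math.dist(p, c[0]))
        if math.dist(p, center) <= RADIUS:
            stage = "cluster"                  # fast path: no classifier call
        else:
            svm_calls += 1                     # too far from any centre
            label = 1 if w[0] * p[0] + w[1] * p[1] + b >= 0 else -1
            stage = "svm"
        results.append(("attack" if label == 1 else "normal", stage))
    return results, svm_calls

# Constructed packets: two near a centre, two farther than RADIUS from both.
PACKETS = [(0.12, 0.18), (0.88, 0.80), (0.40, 0.15), (0.60, 0.85)]

if __name__ == "__main__":
    out, calls = detect(PACKETS, train_hinge(TRAIN))
    for pkt, (label, stage) in zip(PACKETS, out):
        print(pkt, label, stage)
    print("classifier evaluations:", calls, "of", len(PACKETS))
```

Raising `RADIUS` sends fewer packets to the second stage and leans more on the cluster labels, which is the speed and accuracy tradeoff the abstract describes.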

Supported by The National Nature Science Foundation of China (90104005, 90204011)



© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Luo, M., Wang, L., Zhang, H., Chen, J. (2003). A Research on Intrusion Detection Based on Unsupervised Clustering and Support Vector Machine. In: Qing, S., Gollmann, D., Zhou, J. (eds) Information and Communications Security. ICICS 2003. Lecture Notes in Computer Science, vol 2836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39927-8_30

  • DOI: https://doi.org/10.1007/978-3-540-39927-8_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20150-2

  • Online ISBN: 978-3-540-39927-8

  • eBook Packages: Springer Book Archive
