Anomaly Intrusion Detection Using Incremental Learning of an Infinite Mixture Model with Feature Selection

Fan, Wentao; Bouguila, Nizar; Sallay, Hassen

doi:10.1007/978-3-642-41299-8_35

Wentao Fan²⁴,
Nizar Bouguila²⁴ &
Hassen Sallay²⁵

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 8171))

Included in the following conference series:

International Conference on Rough Sets and Knowledge Technology

1592 Accesses
8 Citations

Abstract

We propose an incremental nonparametric Bayesian approach for clustering. Our approach is based on a Dirichlet process mixture of generalized Dirichlet (GD) distributions. Unlike classic clustering approaches, our model does not require the number of clusters to be pre-defined. Moreover, an unsupervised feature selection scheme is integrated into the proposed nonparametric framework to improve clustering performance. By learning the proposed model using an incremental variational framework, the number of clusters as well as the features weights can be automatically and simultaneously computed. The effectiveness and merits of the proposed approach are investigated on a challenging application namely anomaly intrusion detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Blei, D., Jordan, M.: Variational inference for Dirichlet process mixtures. Bayesian Analysis 1, 121–144 (2005)
Article MathSciNet Google Scholar
Bouguila, N., Ziou, D.: A hybrid SEM algorithm for high-dimensional unsupervised learning using a finite generalized Dirichlet mixture. IEEE Transactions on Image Processing 15(9), 2657–2668 (2006)
Article Google Scholar
Boutemedjet, S., Bouguila, N., Ziou, D.: A hybrid feature extraction selection approach for high-dimensional non-Gaussian data clustering. IEEE Transactions on Pattern Analysis and Machine Intelligence 31(8), 1429–1443 (2009)
Article Google Scholar
Constantinopoulos, C., Titsias, M., Likas, A.: Bayesian feature and model selection for Gaussian mixture models. IEEE Transactions on Pattern Analysis and Machine Intelligence 28(6), 1013–1018 (2006)
Article Google Scholar
Corduneanu, A., Bishop, C.M.: Variational Bayesian model selection for mixture distributions. In: Proc. of the 8th International Conference on Artificial Intelligence and Statistics (AISTAT), pp. 27–34 (2001)
Google Scholar
Fan, W., Bouguila, N., Ziou, D.: Variational learning for finite Dirichlet mixture models and applications. IEEE Transactions on Neural Netw. Learning Syst. 23(5), 762–774 (2012)
Article Google Scholar
Gomes, R., Welling, M., Perona, P.: Incremental learning of nonparametric Bayesian mixture models. In: Proc. of IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 1–8 (2008)
Google Scholar
Law, M.H.C., Figueiredo, M.A.T., Jain, A.K.: Simultaneous feature selection and clustering using mixture models. IEEE Transactions on Pattern Analysis and Machine Intelligence 26(9), 1154–1166 (2004)
Article Google Scholar
Lee, W., Stolfo, S.J., Mok, K.W.: Adaptive intrusion detection: A data mining approach. Artificial Intelligence Review 14(6), 533–567 (2000)
Article MATH Google Scholar
Li, Y., Dong, M., Hua, J.: Simultaneous localized feature selection and model detection for Gaussian mixtures. IEEE Transactions on Pattern Analysis and Machine Intelligence 31, 953–960 (2009)
Article Google Scholar
McLachlan, G., Peel, D.: Finite Mixture Models. Wiley, New York (2000)
Book MATH Google Scholar
Mitchell, T.M.: Machine learning and data mining. Communications of the ACM 42(11), 30–36 (1999)
Article Google Scholar
Neal, R.M.: Markov chain sampling methods for Dirichlet process mixture models. Journal of Computational and Graphical Statistics 9(2), 249–265 (2000)
MathSciNet Google Scholar
Northcutt, S., Novak, J.: Network Intrusion Detection: An Analyst’s Handbook. New Riders Publishing (2002)
Google Scholar
Sethuraman, J.: A constructive definition of Dirichlet priors. Statistica Sinica 4, 639–650 (1994)
MathSciNet MATH Google Scholar

Download references

Author information

Authors and Affiliations

iNameConcordia University, Montreal, QC, Canada
Wentao Fan & Nizar Bouguila
Al Imam Mohammad Ibn Saud Islamic University (IMSIU), Riyadh, Saudi Arabia
Hassen Sallay

Authors

Wentao Fan
View author publications
You can also search for this author in PubMed Google Scholar
Nizar Bouguila
View author publications
You can also search for this author in PubMed Google Scholar
Hassen Sallay
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Saint Mary’s University, B3H 3C3, Halifax, NS, Canada
Pawan Lingras
Maria Curie-Skłodowska University, Lublin, Poland
Marcin Wolski
University of Granada, Spain
Chris Cornelis
Indian Statistical Institute, 700108, Kolkata, India
Sushmita Mitra
University of Warsaw, 02-097, Warsaw, Poland
Piotr Wasilewski

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Fan, W., Bouguila, N., Sallay, H. (2013). Anomaly Intrusion Detection Using Incremental Learning of an Infinite Mixture Model with Feature Selection. In: Lingras, P., Wolski, M., Cornelis, C., Mitra, S., Wasilewski, P. (eds) Rough Sets and Knowledge Technology. RSKT 2013. Lecture Notes in Computer Science(), vol 8171. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41299-8_35

Download citation

DOI: https://doi.org/10.1007/978-3-642-41299-8_35
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41298-1
Online ISBN: 978-3-642-41299-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics