Foreign-language journal: Computing and informatics

TOWARDS AN UNSUPERVISED METHOD FOR NETWORK ANOMALY DETECTION IN LARGE DATASETS


Abstract

In this paper, we present an effective tree-based subspace clustering technique (TreeCLUSS) for finding clusters in network intrusion data and for detecting known as well as unknown attacks without using any labelled traffic, signatures, or training. To establish its effectiveness in finding the appropriate number of clusters, we perform a cluster stability analysis. We also introduce an effective cluster labelling technique (CLUSSLab) to label each cluster based on the stable cluster set obtained from TreeCLUSS. CLUSSLab is a multi-objective technique that employs an ensemble approach for labelling each stable cluster generated by TreeCLUSS to achieve a high detection rate. We also introduce an effective unsupervised feature clustering technique to identify the dominating feature set from each cluster. We evaluate the performance of both TreeCLUSS and CLUSSLab using several real-world intrusion datasets to identify known as well as unknown attacks and find that the results are excellent.
