Sciweavers

Share
PAKDD
2009
ACM

Data Mining for Intrusion Detection: From Outliers to True Intrusions

12 years 3 months ago
Data Mining for Intrusion Detection: From Outliers to True Intrusions
Data mining for intrusion detection can be divided into several sub-topics, among which unsupervised clustering has controversial properties. Unsupervised clustering for intrusion detection aims to i) group behaviors together depending on their similarity and ii) detect groups containing only one (or very few) behaviour. Such isolated behaviours are then considered as deviating from a model of normality and are therefore considered as malicious. Obviously, all atypical behaviours are not attacks or intrusion attempts. Hence, this is the limits of unsupervised clustering for intrusion detection. In this paper, we consider to add a new feature to such isolated behaviours before they can be considered as malicious. This feature is based on their possible repetition from one information system to another.
Goverdhan Singh, Florent Masseglia, Céline
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where PAKDD
Authors Goverdhan Singh, Florent Masseglia, Céline Fiot, Alice Marascu, Pascal Poncelet
Comments (0)
books