Sciweavers

SAC
2004
ACM

Unsupervised learning techniques for an intrusion detection system

With the continuous evolution of the types of attacks against computer networks, traditional intrusion detection systems, based on pattern matching and static signatures, are increasingly limited by their need of an up-to-date and comprehensive knowledge base. Data mining techniques have been successfully applied in host-based intrusion detection. Applying data mining techniques on raw network data, however, is made difficult by the sheer size of the input; this is usually avoided by discarding the network packet contents. In this paper, we introduce a two-tier architecture to overcome this problem: the first tier is an unsupervised clustering algorithm which reduces the network packets' payload to a tractable size. The second tier is a traditional anomaly detection algorithm, whose efficiency is improved by the availability of data on the packet payload content.

Categories and Subject Descriptors: K.6.5 [Security and Protection]: Unauthorized access (e.g., hacking, phreaking); I.5.3 [...
Stefano Zanero, Sergio M. Savaresi
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where SAC
Authors Stefano Zanero, Sergio M. Savaresi