Computer Science ›› 2016, Vol. 43 ›› Issue (5): 87-90.doi: 10.11896/j.issn.1002-137X.2016.05.016

Previous Articles     Next Articles

Novel Intrusion Detection Method Based on Semi-supervised Clustering

LIANG Chen and LI Cheng-hai   

  • Online:2018-12-01 Published:2018-12-01

Abstract: A new semi-supervised intrusion detection method based on error-correcting output codes was proposed to solve the difficulties which existing in intrusion detection algorithms based on supervised learning usually face when the training samples are insufficient.This method mines the relationship under the unlabeled data to enlarge the known labeled normal data by introducing the idea of semi-supervised cop-kmeans algorithm.Firstly,the SVDD is used to mea-sure the class separabilty quantitatively.Then the inter-class separability matrix is got gradually.The binary tree is built based on the matrixes from the bottom to the up.Each node of the binary tree is encoded by level to get the final hierarchical error-correcting output codes and classifiter.The experiments in KDD Cup 1999 network data sets prove that the method has better performance in detection accuracy and good adaptability in the real network environment.

Key words: Intrusion detection system,Error-correcting output codes,Semi-supervised clustering,Class separability,SVDD

[1] Chandola V,Banerjee A,Kumar V.Anomaly detection:a survey[J].ACM Computing Surveys,2009,41(3): 75-79
[2] Denning D E.An intrusion detection model[J].IEEE Transactions on Software Engineering,1987,SE-13(2):222-232
[3] Mukkamala S,Sung A H.Feature ranking and selection for intrusion detection systems[C]∥Proc of the 11th Int’1 Conf.on Information and Knowledge Engineering.Las Vegas:CSREA Press,2002:503-509
[4] Lee W K,Stolfo S J.A framework for constructing features and models for intrusion detection systems[J].ACM Transactions on Information and System Security,2000,3(4):227-261
[5] Portnoy L,Eskin E,Stolfo S J.Intrusion detection with unla-beled data using clustering[C]∥Proc of ACM CSS Workshop on Data Mining Applied to Security.New York:ACM Press,2001:51-62
[6] Depren O,Topallar M,Anarim E,et al.An intelligent intrusion detection system(IDS) for anomaly and misuse detection in computer networks[J].Expert Systems with Applications,2005,29:713-722
[7] Fiore U,Palmieri F,Castiglione A,et al.Network anomaly detection with the restricted boltzmann machine[J].Neurocomputing,2013,122:13-23
[8] Yang Shi-lai,Yang Ya-hui,Shen Qing-ni,et al.A Method of Intrusion Detection Based on Semi-Supervised GHSOM[J].Journal of Computer Research and Development,2013,50(11):2375-2382(in Chinese) 阳时来,杨雅辉,沈晴霓,等.一种基于半监督GHSOM的入侵检测方法[J].计算机研究与发展,2013,20(11):2375-2382
[9] Lei Lei,Wang Xiao-dan,Luo Xi,et al.Hierarchical error-correcting output codes based on SVDD[J].Systems Engineering and Electronics,2015,7(8):1916-1921(in Chinese) 雷蕾,王晓丹,罗玺,等.基于SVDD的层次纠错输出编码研究[J].系统工程与电子技术,2015,37(8):1916-1921
[10] Li Jun-li,Li Wei-hua.Semi-supervised SVDD-KFCM Algorithm and its Application in Bearing Fault Detection[J].Computer Scien-ce,2015,2(6A):134-137(in Chinese) 李军利,李巍华.一种半监督SVDD-KFCM算法及其在轴承故障检测中的应用[J].计算机科学,2015,42(6A):134-137
[11] Chen Shi-guo,Zhang Dao-qiang.Experimental Comparisons of Semi-Supervised Dimensional Reduction Methods[J].Journal of Software,2011,22(1):28-43(in Chinese) 陈诗国,张道强.半监督降维方法的实验比较[J].软件学报,2011,22(1):28-43
[12] Chapelle O,Zien A.Semi-supervised classification by low density separation[C]∥Proc of the 10th International Workshop on Artificial Intelligence and Statistic.Barbados.2005:19-26
[13] Kulis B,Basu S,Dhillon I,et al.Semi-supervised graph clustering:a kernel approach[J].Machine Learning,2009,74:1-22
[14] Wagstaff K,Cardie C,Rogers S,et al.Constrained k-means clustering with background knowledge[C]∥Proc of ICML’01.San Francisco:Morgan Kaufmann Publishers.2001:577-584
[15] Zhu Xiao-kai,Yang De-gui.Multi-Class Support Vector Domain Description for Pattern Recognition Based on a Measure of Expansibility[J].Acta Electronica Sinic,2009,37(3):464-469(in Chinese) 朱孝开,杨德贵.基于推广能力测度的多类SVDD模式识别方法[J].电子学报,2009,37(3):464-469
[16] The UCI KDD Archive.KDD99 Cup Dataset[DB/OL].(1999-10-28).

No related articles found!
Full text



No Suggested Reading articles found!