Optimized clustering for anomaly intrusion detection

Sang Hyun Oh, Won Suk Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

Although conventional clustering algorithms have been used to classify the data objects in a data set into groups of similar data objects based on data similarity, they can also be employed to extract common knowledge, i.e., properties of similar data objects commonly appearing in a set of transactions. The common knowledge of the activities in the transactions of a user is represented by the occurrence frequency of similar activities by the unit of a transaction as well as the repetitive ratio of similar activities in each transaction. This paper proposes an optimized clustering method for modeling the normal pattern of a user's activities. Furthermore, it also addresses how to determine the optimal values of clustering parameters for a user as well as how to maintain identified common knowledge as a concise profile. As a result, it can be used to detect any anomalous behavior in an online transaction of the user.

Original language: English
Title of host publication: Advances in Knowledge Discovery and Data Mining
Editors: Kyu-Young Wang, Jongwoo Jeon, Kyuseok Shim, Jaideep Srivastava
Publisher: Springer Verlag
Pages: 576-581
Number of pages: 6
ISBN (Electronic): 3540047603, 9783540047605
DOIs: https://doi.org/10.1007/3-540-36175-8_57
Publication status: Published - 2003
Event: 7th Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2003 - Seoul, Korea, Republic of
Duration: 2003 Apr 30 to 2003 May 2

Publication series

Name: Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)
Volume: 2637
ISSN (Print): 0302-9743

Other

Other: 7th Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2003
Country: Korea, Republic of
City: Seoul
Period: 03/4/30 to 03/5/2

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

  • Cite this

    Oh, S. H., & Lee, W. S. (2003). Optimized clustering for anomaly intrusion detection. In K-Y. Wang, J. Jeon, K. Shim, & J. Srivastava (Eds.), Advances in Knowledge Discovery and Data Mining (pp. 576-581). (Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science); Vol. 2637). Springer Verlag. https://doi.org/10.1007/3-540-36175-8_57