Unsupervised feature selection for anomaly-based network intrusion detection using cluster validity indices.

SATNAC: Africa – The Future Communications Galaxy, 6-9 September 2015, Arabella Hotel & Spa, Western Cape, South Africa

[1]  Li Guo,et al.  An active learning based TCM-KNN algorithm for supervised network intrusion detection , 2007, Comput. Secur..

[2]  Aurobindo Sundaram,et al.  An introduction to intrusion detection , 1996, CROS.

[3]  S. G. Ponnambalam,et al.  Trends in Intelligent Robotics, Automation, and Manufacturing , 2012, Communications in Computer and Information Science.

[4]  Fionn Murtagh,et al.  Algorithms for hierarchical clustering: an overview , 2012, WIREs Data Mining Knowl. Discov..

[5]  Minhaz Fahim Zibran,et al.  CHI-Squared Test of Independence , 2007 .

[6]  Nizar Bouguila,et al.  Unsupervised Anomaly Intrusion Detection via Localized Bayesian Feature Selection , 2011, 2011 IEEE 11th International Conference on Data Mining.

[7]  Cannady,et al.  A Comparative Analysis of Current Intrusion Detection Technologies , 1996 .

[8]  Keith Phalp,et al.  Exploring discrepancies in findings obtained with the KDD Cup '99 data set , 2011, Intell. Data Anal..

[9]  Andrew J. Clark,et al.  Data preprocessing for anomaly based network intrusion detection: A review , 2011, Comput. Secur..

[10]  Mingwei Zhao,et al.  Feature Selection and Design of Intrusion Detection System Based on k-Means and Triangle Area Support Vector Machine , 2010, 2010 Second International Conference on Future Networks.

[11]  Wei Lu,et al.  Detecting Network Anomalies Using CUSUM and EM Clustering , 2009, ISICA.

[12]  Graham Cormode,et al.  What's new: finding significant differences in network data streams , 2004, IEEE/ACM Transactions on Networking.

[13]  J. Dunn Well-Separated Clusters and Optimal Fuzzy Partitions , 1974 .

[14]  Nasser Yazdani,et al.  Mutual information-based feature selection for intrusion detection systems , 2011, J. Netw. Comput. Appl..

[15]  Ken Barker,et al.  Data preprocessing for distance-based unsupervised Intrusion Detection , 2011, 2011 Ninth Annual International Conference on Privacy, Security and Trust.

[16]  Joshua D. Knowles,et al.  Feature subset selection in unsupervised learning via multiobjective optimization , 2006 .

[17]  Srinivasan Parthasarathy,et al.  Distance-based outlier detection , 2010, Proc. VLDB Endow..

[18]  Sotiris B. Kotsiantis,et al.  Supervised Machine Learning: A Review of Classification Techniques , 2007, Informatica.

[19]  Dan Wang,et al.  An Effective Feature Selection Approach for Network Intrusion Detection , 2013, 2013 IEEE Eighth International Conference on Networking, Architecture and Storage.

[20]  Svein J. Knapskog,et al.  Attribute Normalization in Network Intrusion Detection , 2009, 2009 10th International Symposium on Pervasive Systems, Algorithms, and Networks.

[21]  Ali A. Ghorbani,et al.  Research on Intrusion Detection and Response: A Survey , 2005, Int. J. Netw. Secur..

[22]  Gabriel Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[23]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[24]  Jaideep Srivastava,et al.  A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection , 2003, SDM.

[25]  Ajith Abraham,et al.  Feature deduction and ensemble design of intrusion detection systems , 2005, Comput. Secur..

[26]  Leonid Portnoy,et al.  Intrusion detection with unlabeled data using clustering , 2000 .

[27]  Huan Liu,et al.  Subspace clustering for high dimensional data: a review , 2004, SKDD.

[28]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[29]  Ron Kohavi,et al.  Wrappers for Feature Subset Selection , 1997, Artif. Intell..

[30]  Bernhard Pfahringer,et al.  Winning the KDD99 classification cup: bagged boosting , 2000, SKDD.

[31]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[32]  Monowar H. Bhuyan,et al.  RODD: An Effective Reference-Based Outlier Detection Technique for Large Datasets , 2011 .

[33]  Ron Kohavi,et al.  Scaling Up the Accuracy of Naive-Bayes Classifiers: A Decision-Tree Hybrid , 1996, KDD.

[34]  Abdul Hanan Abdullah,et al.  Attribute normalization techniques and performance of intrusion classifiers: A comparative analysis , 2013 .

[35]  Ying Liu,et al.  Cluster-based outlier detection , 2009, Ann. Oper. Res..

[36]  Kalyanmoy Deb,et al.  Genetic Algorithms, Noise, and the Sizing of Populations , 1992, Complex Syst..

[37]  Aristides Gionis,et al.  k-means-: A Unified Approach to Clustering and Outlier Detection , 2013, SDM.

[38]  Philippe Owezarski,et al.  Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge , 2012, Comput. Commun..

[39]  Malcolm I. Heywood,et al.  Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 , 2005, PST.

[40]  Larry A. Rendell,et al.  The Feature Selection Problem: Traditional Methods and a New Algorithm , 1992, AAAI.

[41]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[42]  Carlos García Garino,et al.  Automatic network intrusion detection: Current techniques and open issues , 2012, Comput. Electr. Eng..

[43]  Salvatore J. Stolfo,et al.  Cost-based modeling for fraud and intrusion detection: results from the JAM project , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[44]  Todd L. Heberlein,et al.  Network intrusion detection , 1994, IEEE Network.

[45]  Huan Liu,et al.  Toward integrating feature selection algorithms for classification and clustering , 2005, IEEE Transactions on Knowledge and Data Engineering.

[46]  P. Balasubramanie,et al.  Multi Stage Filter Using Enhanced Adaboost for Network Intrusion Detection , 2012 .

[47]  Bruce W. Suter,et al.  The multilayer perceptron as an approximation to a Bayes optimal discriminant function , 1990, IEEE Trans. Neural Networks.

[48]  Kalyanmoy Deb,et al.  Muiltiobjective Optimization Using Nondominated Sorting in Genetic Algorithms , 1994, Evolutionary Computation.

[49]  Adetunmbi A. Olusola,et al.  Analysis of KDD '99 Intrusion Detection Dataset for Selection of Relevance Features , 2010 .

[50]  Dhruba Kumar Bhattacharyya,et al.  Anomaly Detection Analysis of Intrusion Data Using Supervised & Unsupervised Approach , 2010, J. Convergence Inf. Technol..

[51]  Aboul Ella Hassanien,et al.  Bi-Layer Behavioral-Based Feature Selection Approach for Network Intrusion Classification , 2011, FGIT-SecTech.

[52]  Dhruba K. Bhattacharyya,et al.  Network Anomaly Detection: A Machine Learning Perspective , 2013 .

[53]  Lei Li,et al.  A New Intrusion Detection System Based on Rough Set Theory and Fuzzy Support Vector Machine , 2011, 2011 3rd International Workshop on Intelligent Systems and Applications.

[54]  Alefiya Hussain,et al.  Effect of Malicious Traffic on the Network , 2003 .

[55]  Pat Langley,et al.  Estimating Continuous Distributions in Bayesian Classifiers , 1995, UAI.

[56]  Wes Masri,et al.  Generating profile-based signatures for online intrusion and failure detection , 2014, Inf. Softw. Technol..

[57]  P. Rousseeuw Silhouettes: a graphical aid to the interpretation and validation of cluster analysis , 1987 .

[58]  Ana L. N. Fred,et al.  Combining multiple clusterings using evidence accumulation , 2005, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[59]  David Beasley,et al.  An overview of genetic algorithms: Part 1 , 1993 .

[60]  Raja Azlina Raja Mahmood,et al.  Feature Selection Based on Genetic Algorithm and SupportVector Machine for Intrusion Detection System , 2013 .

[61]  Vishwas Sharma,et al.  Usefulness of DARPA dataset for intrusion detection system evaluation , 2008, SPIE Defense + Commercial Sensing.

[62]  Prospero C. Naval,et al.  An effective use of crowding distance in multiobjective particle swarm optimization , 2005, GECCO '05.

[63]  Zhang Nan,et al.  Using an improved clustering method to detect anomaly activities , 2006, Wuhan University Journal of Natural Sciences.

[64]  Li Guo,et al.  Network anomaly detection based on TCM-KNN algorithm , 2007, ASIACCS '07.

[65]  Hans-Peter Kriegel,et al.  A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise , 1996, KDD.

[66]  Lian Duan,et al.  A Local Density Based Spatial Clustering Algorithm with Noise , 2006, 2006 IEEE International Conference on Systems, Man and Cybernetics.

[67]  Huan Liu,et al.  Feature Selection for Classification , 1997, Intell. Data Anal..

[68]  Shenghui Wang Research of Intrusion Detection Based on an Improved K-means Algorithm , 2011, 2011 Second International Conference on Innovations in Bio-inspired Computing and Applications.

[69]  Hiroki Takakura,et al.  Toward a more practical unsupervised anomaly detection system , 2013, Inf. Sci..

[70]  R.K. Cunningham,et al.  Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[71]  Sridhar Ramaswamy,et al.  Efficient algorithms for mining outliers from large data sets , 2000, SIGMOD '00.

[72]  J. MacQueen Some methods for classification and analysis of multivariate observations , 1967 .

[73]  Jaeyeon Jung,et al.  Real-time detection of malicious network activity using stochastic models , 2006 .

[74]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.

[75]  R. K. Ursem Multi-objective Optimization using Evolutionary Algorithms , 2009 .

[76]  Shahrzad Zargari,et al.  Feature Selection in the Corrected KDD-dataset , 2012, 2012 Third International Conference on Emerging Intelligent Data and Web Technologies.

[77]  Michalis Vazirgiannis,et al.  c ○ 2001 Kluwer Academic Publishers. Manufactured in The Netherlands. On Clustering Validation Techniques , 2022 .

[78]  Dit-Yan Yeung,et al.  Parzen-window network intrusion detectors , 2002, Object recognition supported by user interaction for service robots.

[79]  T. Caliński,et al.  A dendrite method for cluster analysis , 1974 .

[80]  Giovanni Vigna,et al.  Intrusion detection: a brief history and overview , 2002 .

[81]  Qingshan Jiang,et al.  An Intrusion Detection System Based on the Clustering Ensemble , 2007, 2007 International Workshop on Anti-Counterfeiting, Security and Identification (ASID).

[82]  Mark A. Hall,et al.  Correlation-based Feature Selection for Machine Learning , 2003 .

[83]  Johan A. K. Suykens,et al.  Least Squares Support Vector Machine Classifiers , 1999, Neural Processing Letters.

[84]  K. Zaraska Prelude IDS : current state and development perspectives , 2003 .

[85]  Nikos D. Sidiropoulos,et al.  Co-clustering as multilinear decomposition with sparse latent factors , 2011, 2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[86]  Gary B. Wills,et al.  Unsupervised Clustering Approach for Network Anomaly Detection , 2012, NDT.

[87]  Abdul Hanan Abdullah,et al.  Unsupervised Anomaly Detection with Unlabeled Data Using Clustering , 2005 .

[88]  William Stallings,et al.  Network Security Essentials: Applications and Standards , 1999 .

[89]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[90]  M. Gordeev Intrusion Detection: Techniques and Approaches , 2003 .

[91]  Hiroki Takakura,et al.  Unsupervised Anomaly Detection Based on Clustering and Multiple One-Class SVM , 2009, IEICE Trans. Commun..

[92]  Chih-Jen Lin,et al.  LIBSVM: A library for support vector machines , 2011, TIST.

[93]  G. W. Milligan,et al.  An examination of procedures for determining the number of clusters in a data set , 1985 .

[94]  Tai-hoon Kim,et al.  Linear Correlation-Based Feature Selection for Network Intrusion Detection Model , 2013, SecNet.

[95]  Kalyani C. Waghmare,et al.  Intrusion Detection System Using Data Mining Technique : Support Vector Machine , 2013 .

[96]  Inderjit S. Dhillon,et al.  A generalized maximum entropy approach to bregman co-clustering and matrix approximation , 2004, J. Mach. Learn. Res..

[97]  Kalyanmoy Deb,et al.  Multi-objective Optimisation Using Evolutionary Algorithms: An Introduction , 2011, Multi-objective Evolutionary Optimisation for Product Design and Manufacturing.

[98]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[99]  Peter Steenkiste,et al.  Network Anomaly Detection Using Co-clustering , 2012, 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining.

[100]  Philippe Owezarski,et al.  Knowledge-independent traffic monitoring: Unsupervised detection of network attacks , 2012, IEEE Network.

[101]  Taghi M. Khoshgoftaar,et al.  CLUSTERING-BASED NETWORK INTRUSION DETECTION , 2007 .

[102]  Jugal K. Kalita,et al.  NADO: network anomaly detection using outlier approach , 2011, ICCCS '11.

[103]  Radford M. Neal Pattern Recognition and Machine Learning , 2007, Technometrics.

[104]  S. Kent,et al.  On the trail of intrusions into information systems , 2000 .

[105]  Philippe Owezarski,et al.  Sub-Space clustering, Inter-Clustering Results Association & anomaly correlation for unsupervised network anomaly detection , 2011, 2011 7th International Conference on Network and Service Management.

[106]  Philippe Owezarski,et al.  Steps Towards Autonomous Network Security: Unsupervised Detection of Network Attacks , 2011, 2011 4th IFIP International Conference on New Technologies, Mobility and Security.

[107]  Xiangjian He,et al.  Unsupervised Feature Selection Method for Intrusion Detection System , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[108]  Karuppannan Jaishankar,et al.  Cyber Crime and the Victimization of Women: Laws, Rights and Regulations , 2012 .

[109]  Chi Cheng,et al.  Extreme learning machines for intrusion detection , 2012, The 2012 International Joint Conference on Neural Networks (IJCNN).

[110]  Yinhui Li,et al.  An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..

[111]  Christin Schäfer,et al.  Learning Intrusion Detection: Supervised or Unsupervised? , 2005, ICIAP.

[112]  Flávio Bortolozzi,et al.  Unsupervised feature selection using multi-objective genetic algorithms for handwritten word recognition , 2003, Seventh International Conference on Document Analysis and Recognition, 2003. Proceedings..

[113]  Donald W. Bouldin,et al.  A Cluster Separation Measure , 1979, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[114]  J. Kent Information gain and a general measure of correlation , 1983 .

[115]  Lucas M. Venter,et al.  A comparison of Intrusion Detection systems , 2001, Comput. Secur..

[116]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.