Anomaly detection using a self-organizing map and particle swarm optimization

Abstract: Self-Organizing Maps (SOMs) are among the best-known unsupervised neural network approaches to clustering and are very efficient in handling large, high-dimensional datasets. The original Particle Swarm Optimization (PSO) is another algorithm, discovered through simplified social model simulation, which is effective in nonlinear optimization problems and easy to implement. In the present study, we combine these two methods and introduce a new method for anomaly detection. A discussion of our method is presented, its results are compared with those of some other methods, and its advantages over them are demonstrated. To apply our method, we also performed a case study on forest fire detection. Our algorithm was shown to be simple and to function better than previous ones. It can be applied to different domains of anomaly detection. In fact, we observed our method to be a generic algorithm for anomaly detection that may need few changes for implementation in different domains.
