Share Email Print
cover

Proceedings Paper

A clustering algorithm for intrusion detection
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

In this paper, we introduce a new clustering algorithm, FCC, for intrusion detection based on the concept of fuzzy connectedness. This concept was introduced by Rosenfeld in 1979 and used with success in image segmentation; here we extend this approach to clustering and demonstrate its effectiveness in intrusion detection. Starting with a single or a few seed points in each cluster, all the data points are dynamically assigned to the cluster that has the highest fuzzy connectedness value (strongest connection). With an efficient heuristic algorithm, the time complexity of the clustering process is O(NlogN), where N is the number of data points. The value of fuzzy connectedness is calculated using both the Euclidean distance and the statistical properties of clusters. This unsupervised learning method allows the discovery of clusters of any shape. Application of the method in intrusion detection demonstrates that it can detect not only known intrusion types, but also their variants. Experimental results on the KDD-99 intrusion detection data set show the efficiency and accuracy of this method. A detection rate above 94% and a false alarm rate below 4% are achieved, outperforming major competitors by at least 5%.

Paper Details

Date Published: 28 March 2005
PDF: 8 pages
Proc. SPIE 5812, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, (28 March 2005); doi: 10.1117/12.603567
Show Author Affiliations
Qiang Wang, Temple Univ. (United States)
Vasileios Megalooikonomou, Temple Univ. (United States)


Published in SPIE Proceedings Vol. 5812:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005
Belur V. Dasarathy, Editor(s)

© SPIE. Terms of Use
Back to Top