A hybrid approach for efficient anomaly detection using metaheuristic methods

Ghanem, Tamer F.; Elkilani, Wail S.; Abdul-Kader, Hatem

doi:10.1016/j.jare.2014.02.009

Cited by 59 publications

(23 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In E-HAD, DPM clusters dataset into 166 clusters which is near the recommended number of clusters in [4]. The detected number of clusters by DPM is used as input to k-means clustering algorithm in old HAD to make fair comparison.…”

Section: Resultsmentioning

confidence: 99%

“…As a result, DPM parameters, which are dimension divisions, dimensional dense threshold and histogram peak detection sensitivity, is set to values of 100, 0.1 and 0.1 respectively as used in that research. Also hyper-sphere radius upper limit is set to 2 as recommend in [4].…”

Section: Methodsmentioning

confidence: 99%

“…Detector generation process in the previously proposed intrusion detection approach [4] goes through a number of stages in order to generate anomaly detectors with high performance as stated below.…”

Section: Previously Proposed Intrusion Detection Approachmentioning

confidence: 99%

“…In previous research [4], we proposed a hybrid approach to anomaly detection using some inspiration of negative selection algorithm. Its detector generation (model building) is based on using k-means clustering along with a multi-start metaheuristic method and a genetic algorithm.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An enhanced Hybrid Anomaly-based Detection Approach

Ghanem¹,

Elkilani²,

Ahmed³

et al. 2014

Universal Researchers (UR) Dec. 25-26, 2014 at Dubai (UAE)

View full text Add to dashboard Cite

Section: Resultsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Section: Previously Proposed Intrusion Detection Approachmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An enhanced Hybrid Anomaly-based Detection Approach

Ghanem¹,

Elkilani²,

Ahmed³

et al. 2014

Universal Researchers (UR) Dec. 25-26, 2014 at Dubai (UAE)

View full text Add to dashboard Cite

“…Tarek F.Ghanem [6] use the genetic algorithm, negative selection algorithm to combine K-Means,improve the detection rate of abnormal network,but after combining algorithm the complexity is too high.Chen [7] by using particle swarm optimization (PSO) and K-Means algorithm combined to categorize web pages,Zhen Kuai et al [8] use of Iris data, but also to reduce the false detection rate of onlyusing the K-Means by combining PSOwith K-Means,Amin Karami [9] for CCN new network, combined PSO with K-Means to improve the detection rate and reduce the false detection rate.…”

Section: Related Workmentioning

confidence: 99%

A hybrid approach for anomaly detection using K-means and PSO

Wang¹,

Qin²

2016

Proceedings of the 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016)

View full text Add to dashboard Cite

Abstract.The network intrusion detection systems which based on anomaly detection techniques plays an important role in protection network and systems from harmful attacks. With increasing in attacks and the new security challenges, The lower accuracy of anomaly detection method based on cluster analysis network traffic is a big question, In this paper, we proposed a hybrid anomaly detection method by combining the Particle Swarm Optimization(PSO) and K-Means clustering algorithms improving the accuracy. We first preprocess features of data traffic, extract the characteristics of the various categories of attack, and then use parallel PSO calculation, to find the best or a little approximations to optimal clustering initial point. Finally, we perform the K-Means clustering algorithm. Experiment results show the effectiveness of the proposed optimization scheme.

show abstract

A novel ensembled technique for anomaly detection

Garg

Batra

2017

Int J Communication

View full text Add to dashboard Cite

Anomaly detection is a technique that works to detect those instances of data that do not comply with the data model. In this paper the problem of anomaly detection in networked traffic data is considered, and a novel ensembled technique for anomaly detection is proposed. The proposed technique uses a combination of fuzzy K-means clustering algorithm, extended Kalman filter, and support vector machines to detect the anomalies. In the proposed technique, fuzzy membership functions are used instead of crisp clusters to compute the best set of features by fuzzy k-means algorithm. These features are then optimized with a nonlinear Bayesian approach known as extended Kalman filter. The resultant optimized set of features is then provided as an input to the support vector machine classifier that detects the network anomalies. The proposed technique is validated by using 2 benchmark datasets, ie, DARPA 1998 and KDD CUP 1999. Experimental results indicate that the proposed technique performs quite well as compared to its traditional counterparts in accuracy, detection rate, false positive rate, and F-score. KEYWORDSanomaly detection, extended Kalman filter, fuzzy K-means, support vector machines 1 Int J Commun Syst. 2017;30:e3248.wileyonlinelibrary.com/journal/dac

show abstract

A hybrid approach for efficient anomaly detection using metaheuristic methods

Cited by 59 publications

References 31 publications

An enhanced Hybrid Anomaly-based Detection Approach

An enhanced Hybrid Anomaly-based Detection Approach

A hybrid approach for anomaly detection using K-means and PSO

A novel ensembled technique for anomaly detection

Contact Info

Product

Resources

About