2017
DOI: 10.3906/elk-1601-105

Intrusion detection in network flows based on an optimized clustering criterion

Abstract: Graph-based intrusion detection approaches consider the network as a graph and detect anomalies based on graph metrics. However, most of these approaches succumb to the cluster-based behavior of the anomalies. To resolve this problem in our study, we use flow and graph-clustering concepts to create a data set first. A new criterion related to the average weight of clusters is then defined and a model is proposed to detect attacks based on the above-mentioned criterion. Finally, the model is evaluated …

Cited by 12 publications (4 citation statements)
References 35 publications
“…In [36], the authors proposed a method based on graph-clustering. The criterion for detection is based on the internal and external weights of clusters.…”
Section: Statistical Based (mentioning)
confidence: 99%
“…Various unsupervised learning algorithms have been applied, however, most of them have huge memory requirements [2,11]. Clustering has been used [12][13][14], but incorrect grouping would lead to higher risk of false negatives. As a result, dimensionality reduction becomes a crucial part of the process and thus the majority of approaches have focused on the use of PCA for this task [3,15].…”
Section: I (mentioning)
confidence: 99%
“…[31] [21] The piecewise linear neural branch predictor It provides much greater precision but dramatically increases the overhead of control pointing and recovery and the number of adders.…”
Section: Related Work (mentioning)
confidence: 99%