Paper Info
Title
An unsupervised method for intrusion detection using spectral clustering
Abstract
In this paper we present an unsupervised approach for intrusion detection based on spectral clustering (SC). Recently spectral clustering has gained wider application because of its promising results on several challenging clustering problems [1]. SC uses spectral graph theory to form a Laplacian matrix where the first k eigenvectors of this matrix are clustered using k-means to form representative clusters. The representative clusters are labeled normal or anomalous according to an assignment heuristic. We have provided different techniques to detect intrusions (or anomalies) which are scattered uniformly and form small clusters of anomalous data. To improve the clustering results, the scattered anomalies are detected and removed before representative clusters are formed using SC. For evaluation, a synthetic and real data set (KDD Cup 1999) are used and our results show that the application of SC is a promising approach to the development of an intrusion detection system. From the experiments we demonstrate that the application of SC yields a detection rate (DR) in the range of 91%-100% with the false positive rate (FPR) being less than 4.5%.
Year
DOI
Venue
2009
10.1109/CICYBS.2009.4925096
Nashville, TN
Keywords
Field
DocType
graph theory,matrix algebra,pattern clustering,security of data,Laplacian matrix,detection rate,false positive rate,intrusion detection system,k-means,spectral clustering,spectral graph theory
Graph theory,k-means clustering,Laplacian matrix,Spectral clustering,Spectral graph theory,Correlation clustering,Pattern recognition,Artificial intelligence,Cluster analysis,Intrusion detection system,Mathematics
Conference
ISBN
Citations 
PageRank 
978-1-4244-2769-7
2
0.38
References 
Authors
7
3
Name
Order
Citations
PageRank
Siddharth Gujral120.38
Estefan Ortiz220.38
Vassilis L. Syrmos37424.22