Title | ||
---|---|---|
Online feature selected semi-supervised decision trees for network intrusion detection. |
Abstract | ||
---|---|---|
Network intrusion detection systems need to detect abnormal behaviour in network data as soon as possible and with as little user intervention as possible. In this paper, we describe a semi-supervised network anomaly detection system. Our system uses online clustering to summarize the available network data. Clusters are represented using extended cluster features that comprise of not only features related to the original features, but also features that describe the relationships between clusters. Each cluster is labeled by the user as anomaly or normal and then a decision tree is trained based on this information. The incoming new data is labeled according to the output of the decision tree. We show that this system achieves much better performance than an unsupervised anomaly detection system. We also show that using online feature selection on the cluster features reduces the decision tree complexity without hindering the accuracy. |
Year | Venue | Field |
---|---|---|
2016 | IEEE IFIP Network Operations and Management Symposium | Anomaly detection,Decision tree,Data mining,Feature selection,Pattern recognition,Computer science,Feature extraction,Artificial intelligence,Cluster analysis,Intrusion detection system,Decision tree learning,Incremental decision tree |
DocType | ISSN | Citations |
Conference | 1542-1201 | 0 |
PageRank | References | Authors |
0.34 | 10 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zehra Cataltepe | 1 | 166 | 16.39 |
Ümit Ekmekçi | 2 | 0 | 1.01 |
Tanju Cataltepe | 3 | 0 | 0.34 |
Ismail Kelebek | 4 | 0 | 0.34 |