Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset

Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier det...

Full description

Saved in:
Bibliographic Details
Published inFrontiers of Computer Science Vol. 10; no. 4; pp. 755 - 766
Main Authors VASUDEVAN, Alampallam Ramaswamy, SELVAKUMAR, Subramanian
Format Journal Article
LanguageEnglish
Published Beijing Higher Education Press 01.08.2016
Springer Nature B.V
Subjects
Classifiers
Clustering
Communications traffic
Computer Science
Data analysis
Data mining
Datasets
Deviation
Dirichlet
Dirichlet problem
Discretizer
DP clustering
False alarms
hierarchical model
Intrusion detection systems
LOF
Machine learning
NIDS
one class classifier
Outliers (statistics)
Research Article
Supervised learning
Traffic models
分类器
因子和
局部异常因子
层次模型
数据集
监督学习
网络入侵检测系统
LOF
hierarchical model
one class classifier
DP clustering
NIDS
Discretizer
Online AccessGet full text

Cover

Abstract Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms.
AbstractList Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modeled, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/ attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichlet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the threemethods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP’99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms.
Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms.
Author Alampallam Ramaswamy VASUDEVAN Subramanian SELVAKUMAR
AuthorAffiliation CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India
Author_xml – sequence: 1
  givenname: Alampallam Ramaswamy
  surname: VASUDEVAN
  fullname: VASUDEVAN, Alampallam Ramaswamy
  organization: CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India
– sequence: 2
  givenname: Subramanian
  surname: SELVAKUMAR
  fullname: SELVAKUMAR, Subramanian
  email: ssk@nitt.edu
  organization: CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India
BookMark eNp9kcFOHSEUhomxSdX6AN0Ru572ADMMLBujtslNumnXhIGDMzoOV-DG-BS-cpmM0Z0bOIH__8_Jd07J8RIXJOQrg-8MoP-RGeuhbYB1TceYbNQROeGgu4ZzIY_faq4-k_Oc7wCAA-86zk_Iyy46O9N4KPOEiQbrSkzULp7mkuJyW99qL-pmm_N2TmEVDjajp2MtbXLjtGY8RI8zDdXusaArU1xoDNSWYt19ptNCFyxPMd3XsqRDXv_fld6WGlm-kE_BzhnPX-8z8u_66u_lr2b35-b35c9d44TmpbFKB1SKBRwgdEJK4fpWDlINrQIGA7dCag_YOwSGvfaWQS9sp3zQDJQQZ-TblrtP8fGAuZi7eEhLbWm4ZqqvgFpeVWxTuRRzThjMPk0PNj0bBmZFbzb0pqI3K3qjqodvnly1K8D35I9MajON0-2ICf0-Yc4m1BWUyvhj68XrjGPd12Nt-TaklFp2um2Z-A9uf6gQ
CitedBy_id crossref_primary_10_1016_j_apenergy_2020_115402
crossref_primary_10_1016_j_jksuci_2019_08_003
crossref_primary_10_3390_iot1010006
crossref_primary_10_3390_app10175811
crossref_primary_10_3390_s22239144
crossref_primary_10_1007_s11771_019_4233_1
crossref_primary_10_1007_s11227_022_04459_7
Cites_doi 10.4108/trans.sis.2013.01-03.e2
10.1109/CSAC.1999.816048
10.1145/335191.335388
10.1109/2.781637
10.1007/s00778-006-0002-5
10.3115/1705415.1705425
10.1016/j.jss.2006.12.546
10.1016/j.comcom.2011.07.001
10.1049/ip-vis:19941330
10.1109/SURV.2013.052213.00046
10.1016/j.patrec.2005.11.007
10.1109/TKDE.2012.35
10.1093/biomet/66.2.229
10.1145/2594473.2594476
10.1016/j.cose.2011.05.008
10.1007/3-540-48219-9_30
10.1007/978-90-481-3662-9_86
10.1016/j.cose.2008.12.001
10.1007/978-3-540-87479-9_51
10.1080/09700160903354450
10.1007/1-4020-3675-2_25
10.1016/j.eswa.2008.06.138
10.1109/60.749142
10.1145/335191.335437
10.1016/j.ins.2013.03.022
10.1137/1.9781611972733.3
10.1145/276304.276312
10.1109/TSE.1987.232894
10.1007/s10844-005-0265-0
10.1002/9780470316801
10.1016/j.asoc.2008.06.001
10.1007/978-94-007-4786-9_3
10.1016/j.inffus.2006.10.002
10.1007/978-3-642-41299-8_35
10.1109/AHICI.2011.6113948
10.1007/s007780050009
10.1007/s007780050006
10.1016/j.patrec.2009.09.011
10.1145/1645953.1646195
10.1145/312129.312195
ContentType Journal Article
Copyright Copyright reserved, 2016, Higher Education Press and Springer-Verlag Berlin Heidelberg
Higher Education Press and Springer-Verlag Berlin Heidelberg 2016
Higher Education Press and Springer-Verlag Berlin Heidelberg 2016.
Copyright_xml – notice: Copyright reserved, 2016, Higher Education Press and Springer-Verlag Berlin Heidelberg
– notice: Higher Education Press and Springer-Verlag Berlin Heidelberg 2016
– notice: Higher Education Press and Springer-Verlag Berlin Heidelberg 2016.
DBID 2RA
92L
CQIGP
W92
~WA
AAYXX
CITATION
8FE
8FG
AFKRA
ARAPS
AZQEC
BENPR
BGLVJ
CCPQU
DWQXO
GNUQQ
HCIFZ
JQ2
K7-
P5Z
P62
PQEST
PQQKQ
PQUKI
DOI 10.1007/s11704-015-5116-8
DatabaseName 维普_期刊
中文科技期刊数据库-CALIS站点
维普中文期刊数据库
中文科技期刊数据库-工程技术
中文科技期刊数据库- 镜像站点
CrossRef
ProQuest SciTech Collection
ProQuest Technology Collection
ProQuest Central UK/Ireland
Advanced Technologies & Aerospace Database‎ (1962 - current)
ProQuest Central Essentials
ProQuest Central
Technology Collection
ProQuest One Community College
ProQuest Central
ProQuest Central Student
SciTech Premium Collection (Proquest) (PQ_SDU_P3)
ProQuest Computer Science Collection
Computer Science Database
ProQuest Advanced Technologies & Aerospace Database
ProQuest Advanced Technologies & Aerospace Collection
ProQuest One Academic Eastern Edition (DO NOT USE)
ProQuest One Academic
ProQuest One Academic UKI Edition
DatabaseTitle CrossRef
Advanced Technologies & Aerospace Collection
Computer Science Database
ProQuest Central Student
Technology Collection
ProQuest Advanced Technologies & Aerospace Collection
ProQuest Central Essentials
ProQuest Computer Science Collection
ProQuest One Academic Eastern Edition
SciTech Premium Collection
ProQuest One Community College
ProQuest Technology Collection
ProQuest SciTech Collection
ProQuest Central
Advanced Technologies & Aerospace Database
ProQuest One Academic UKI Edition
ProQuest Central Korea
ProQuest One Academic
DatabaseTitleList


Advanced Technologies & Aerospace Collection
Database_xml – sequence: 1
  dbid: 8FG
  name: ProQuest Technology Collection
  url: https://search.proquest.com/technologycollection1
  sourceTypes: Aggregation Database
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
DocumentTitleAlternate Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset
EISSN 2095-2236
EndPage 766
ExternalDocumentID 10_1007_s11704_015_5116_8
10.1007/s11704-015-5116-8
669659441
GroupedDBID -EM
.VR
06D
0VY
1-T
2J2
2JN
2JY
2KG
2KM
2LR
2RA
30V
4.4
406
408
40E
5VS
92L
95-
95.
96X
AABHQ
AAFGU
AAIAL
AAJKR
AANZL
AARHV
AARTL
AATLR
AATNV
AATVU
AAUYE
AAWCG
AAYFA
AAYIU
AAYQN
AAYTO
ABDZT
ABECU
ABFGW
ABFTD
ABFTV
ABHQN
ABJNI
ABJOX
ABKAS
ABKCH
ABMQK
ABNWP
ABQBU
ABSXP
ABTEG
ABTHY
ABTKH
ABTMW
ABWNU
ABXPI
ACAOD
ACBMV
ACBRV
ACBXY
ACGFS
ACHSB
ACHXU
ACIPQ
ACKNC
ACMDZ
ACMLO
ACOKC
ACSNA
ACTTH
ACVWB
ACWMK
ACZOJ
ADHIR
ADINQ
ADKNI
ADKPE
ADMDM
ADOXG
ADRFC
ADTPH
ADURQ
ADYFF
ADZKW
AEBTG
AEFTE
AEGNC
AEJHL
AEJRE
AEKMD
AENEX
AEOHA
AEPYU
AESKC
AESTI
AETLH
AEVLU
AEVTX
AEXYK
AFKRA
AFLOW
AFNRJ
AFQWF
AFWTZ
AFZKB
AGAYW
AGDGC
AGGBP
AGJBK
AGMZJ
AGQMX
AGWIL
AGWZB
AGYKE
AHBYD
AHKAY
AHSBF
AHYZX
AIAKS
AIIXL
AILAN
AIMYW
AITGF
AJBLW
AJDOV
AJRNO
AJZVZ
ALMA_UNASSIGNED_HOLDINGS
ALWAN
AMKLP
AMXSW
AMYLF
AOCGG
ARAPS
ARMRJ
AXYYD
B-.
BDATZ
BENPR
BGLVJ
BGNMA
CQIGP
CSCUP
DDRTE
DNIVK
DPUIP
EBLON
EBS
EIOEI
EJD
ESBYG
FERAY
FFXSO
FIGPU
FINBP
FNLPD
FRRFC
FSGXE
FWDCC
GGCAI
GGRSB
GJIRD
GNWQR
GQ6
GQ7
HCIFZ
HF~
HG6
HMJXF
HRMNR
HZ~
IKXTQ
IWAJR
IXD
I~Z
J-C
JBSCW
JZLTJ
K7-
KOV
LLZTM
M4Y
MA-
NPVJJ
NQJWS
NU0
O9J
P4S
PF0
PT4
R89
ROL
RSV
S16
S3B
SAP
SCL
SCO
SHX
SISQX
SNE
SNPRN
SNX
SOHCF
SOJ
SPISZ
SRMVM
SSLCW
STPWE
SZN
TSG
TUC
UG4
UNUBA
UOJIU
UTJUX
UZXMN
VFIZW
W48
W92
YLTOR
Z7R
Z7X
Z81
Z83
Z88
ZMTXR
~WA
AEMSY
AGQEE
CCPQU
AASML
ABAKF
ABMYL
AEFQL
AFBBN
AGRTI
AIGIU
0R~
AACDK
AAJBT
AAYXX
ACDTI
CITATION
H13
SJYHP
8FE
8FG
AZQEC
DWQXO
GNUQQ
JQ2
P62
PQEST
PQQKQ
PQUKI
ID FETCH-LOGICAL-c392t-a89fe881feb0f53663c746b68b48010b2a369d0e7ce01e79da1073a58df910833
IEDL.DBID AGYKE
ISSN 2095-2228
IngestDate Fri Sep 13 09:42:58 EDT 2024
Thu Sep 12 19:45:52 EDT 2024
Tue Mar 19 07:24:17 EDT 2024
Tue Feb 27 04:43:01 EST 2024
Wed Feb 14 10:23:29 EST 2024
IsPeerReviewed true
IsScholarly true
Issue 4
Keywords LOF
hierarchical model
one class classifier
DP clustering
NIDS
Discretizer
Language English
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c392t-a89fe881feb0f53663c746b68b48010b2a369d0e7ce01e79da1073a58df910833
Notes hierarchical model, DP clustering, LOF, Dis-cretizer, one class classifier, NIDS
11-5731/TP
Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms.
LOF
Document accepted on :2015-10-15
one class classifier
Document received on :2015-03-23
DP clustering
hierarchical model
NIDS
Discretizer
PQID 2918720242
PQPubID 2044369
PageCount 12
ParticipantIDs proquest_journals_2918720242
crossref_primary_10_1007_s11704_015_5116_8
springer_journals_10_1007_s11704_015_5116_8
higheredpress_frontiers_10_1007_s11704_015_5116_8
chongqing_primary_669659441
PublicationCentury 2000
PublicationDate 2016-08-01
PublicationDateYYYYMMDD 2016-08-01
PublicationDate_xml – month: 08
  year: 2016
  text: 2016-08-01
  day: 01
PublicationDecade 2010
PublicationPlace Beijing
PublicationPlace_xml – name: Beijing
– name: Heidelberg
PublicationSubtitle Selected Publications from Chinese Universities
PublicationTitle Frontiers of Computer Science
PublicationTitleAbbrev Front. Comput. Sci
PublicationTitleAlternate Frontiers of Computer Science in China
PublicationYear 2016
Publisher Higher Education Press
Springer Nature B.V
Publisher_xml – name: Higher Education Press
– name: Springer Nature B.V
References Mukkamala, Janoski, Sung (CR16) 2002
Tax, Duin (CR55) 2001; 2096
Grossman (CR21) 1997
Kriegel, Kröger, Schubert, Zimek (CR36) 2009
Vasudevan, Harshini, Selvakumar (CR60) 2011
Wang, Yang, Muntz (CR44) 1997
Guttõrmsson, Marks, El-Sharkawi, Kerszenbaum (CR24) 1999; 14
Sanders, Smith (CR19) 2013
Jiang, Song, Wang, Han, Li (CR7) 2006; 27
Wu, Yen (CR6) 2009; 36
Denning (CR3) 1987; 13
Sinclair, Pierce, Matzner (CR13) 1999
Knorr, Ng (CR32) 1999
Vasudevan, Selvakumar (CR48) 2013
Lazarevic, Ertöz, Kumar, Ozgur, Srivastava (CR49) 2003
Su, Yu, Lin (CR11) 2009; 28
Mukkamala, Sung, Abraham, Ramos, Seruca, Cordeiro, Hammoudi, Filipe (CR9) 2006
Knorr, Ng, Tucakov (CR33) 2000; 8
Aggarwal (CR25) 2005
Mazhelis (CR57) 2006; 36
Tajbakhsh, Rahmati, Mirzaei (CR10) 2009; 9
Fawcett, Provost (CR28) 1999
Giacinto, Perdisci, Del Rio, Roli (CR59) 2008; 9
Bishop (CR29) 1994; 141
Altwaijry (CR17) 2012; 170
Helali, Sobh, Elleithy, Mahmood (CR8) 2010
Sheikholeslami, Chatterjee, Zhang (CR43) 2000; 8
Garcia, Luengo, Sáez, López, Herrera (CR51) 2013; 25
Ramaswamy, Rastogi, Shim (CR34) 2000; 29
Moya, Koch, Hostetler (CR54) 1993
Khan, Awad, Thuraisingham (CR41) 2007; 16
Tax (CR56) 2001
Estevez-Tapiador, Garcia-Teodoro, Diaz-Verdejo (CR20) 2004; 27
Sharma (CR2) 2010; 34
Anderson, Frivold, Valdes (CR27) 1995
Jain (CR15) 2010; 31
Freedman, Pisani (CR23) 1978
Yeung, Chow (CR30) 2002
Papadimitriou, Kitagawa, Gibbons, Faloutsos (CR37) 2003
Zhang, Hsu, Lee (CR45) 2005; 24
Kaufman, Rousseeuw (CR38) 1990
Zimek, Campello, Sander (CR50) 2013; 15
Wuu, Hung, Chen (CR18) 2007; 80
Fan, Bouguila, Sallay (CR47) 2013; 8171
Zhang (CR22) 2013; 13
Ng, Han (CR39) 1994
Karypis, Han, Kumar (CR42) 1999; 32
lachos, Korhonen, Ghahramani (CR46) 2009
Dougherty, Kohavi, Sahami (CR53) 1995
Sangkatsanee, Wattanapongsakorn, Charnsripinyo (CR12) 2011; 34
Abraham, Box (CR26) 1979; 66
Guha, Rastogi, Shim (CR40) 1998
Hempstalk, Frank, Witten (CR58) 2008; 5211
Davis, Clark (CR5) 2011; 30
Corona, Giacinto, Roli (CR1) 2013; 239
Bhuyan, Bhattacharyya, Kalita (CR4) 2014; 16
Breunig, Kriegel, Ng, Sander (CR35) 2000; 29
Fayyad, Irani (CR52) 1993
Sommer, Paxson (CR14) 2010
Knorr, Ng (CR31) 1998
S Mukkamala (5116_CR9) 2006
O Mazhelis (5116_CR57) 2006; 36
MM Breunig (5116_CR35) 2000; 29
A Lazarevic (5116_CR49) 2003
C Sinclair (5116_CR13) 1999
H Altwaijry (5116_CR17) 2012; 170
E M Knorr (5116_CR32) 1999
R GM Helali (5116_CR8) 2010
B Abraham (5116_CR26) 1979; 66
H P Kriegel (5116_CR36) 2009
J J Davis (5116_CR5) 2011; 30
S Guha (5116_CR40) 1998
W Fan (5116_CR47) 2013; 8171
S Papadimitriou (5116_CR37) 2003
J M Estevez-Tapiador (5116_CR20) 2004; 27
C Bishop (5116_CR29) 1994; 141
R T Ng (5116_CR39) 1994
A lachos (5116_CR46) 2009
L Khan (5116_CR41) 2007; 16
R Sommer (5116_CR14) 2010
S E Guttõrmsson (5116_CR24) 1999; 14
D Y Yeung (5116_CR30) 2002
A Sharma (5116_CR2) 2010; 34
J Zhang (5116_CR45) 2005; 24
U M Fayyad (5116_CR52) 1993
M Y Su (5116_CR11) 2009; 28
R L Grossman (5116_CR21) 1997
D Anderson (5116_CR27) 1995
W Wang (5116_CR44) 1997
P Sangkatsanee (5116_CR12) 2011; 34
C Sanders (5116_CR19) 2013
K Hempstalk (5116_CR58) 2008; 5211
D E Denning (5116_CR3) 1987; 13
S Y Wu (5116_CR6) 2009; 36
J Zhang (5116_CR22) 2013; 13
A R Vasudevan (5116_CR60) 2011
S Y Jiang (5116_CR7) 2006; 27
S Ramaswamy (5116_CR34) 2000; 29
A Zimek (5116_CR50) 2013; 15
S Mukkamala (5116_CR16) 2002
A K Jain (5116_CR15) 2010; 31
M H Bhuyan (5116_CR4) 2014; 16
S Garcia (5116_CR51) 2013; 25
G Karypis (5116_CR42) 1999; 32
T Fawcett (5116_CR28) 1999
DMJ Tax (5116_CR55) 2001; 2096
L C Wuu (5116_CR18) 2007; 80
J Dougherty (5116_CR53) 1995
D Freedman (5116_CR23) 1978
G Giacinto (5116_CR59) 2008; 9
D M J Tax (5116_CR56) 2001
L Kaufman (5116_CR38) 1990
E M Knorr (5116_CR31) 1998
G Sheikholeslami (5116_CR43) 2000; 8
M M Moya (5116_CR54) 1993
C C Aggarwal (5116_CR25) 2005
E M Knorr (5116_CR33) 2000; 8
A Tajbakhsh (5116_CR10) 2009; 9
I Corona (5116_CR1) 2013; 239
A R Vasudevan (5116_CR48) 2013
References_xml – volume: 13
  start-page: 1
  issue: 1
  year: 2013
  end-page: 26
  ident: CR22
  article-title: Advancements of outlier detection: a survey
  publication-title: ICST Transactions on Scalable Information Systems
  doi: 10.4108/trans.sis.2013.01-03.e2
  contributor:
    fullname: Zhang
– start-page: 371
  year: 1999
  end-page: 377
  ident: CR13
  article-title: An application of machine learning to network intrusion detection
  publication-title: Proceedings of the 15th Annual Conference on Computer Security Applications
  doi: 10.1109/CSAC.1999.816048
  contributor:
    fullname: Matzner
– start-page: 797
  year: 1993
  end-page: 801
  ident: CR54
  article-title: One-class classifier networks for target recognition applications
  publication-title: Proceedings of World Congress on Neural Networks
  contributor:
    fullname: Hostetler
– volume: 29
  start-page: 93
  issue: 2
  year: 2000
  end-page: 104
  ident: CR35
  article-title: LOF: identifying densitybased local outliers
  publication-title: ACM SIGMOD Record
  doi: 10.1145/335191.335388
  contributor:
    fullname: Sander
– volume: 32
  start-page: 68
  issue: 8
  year: 1999
  end-page: 75
  ident: CR42
  article-title: CHAMELEON: ahierarchical clustering algorithm using dynamic modeling
  publication-title: Computer
  doi: 10.1109/2.781637
  contributor:
    fullname: Kumar
– volume: 16
  start-page: 507
  issue: 4
  year: 2007
  end-page: 521
  ident: CR41
  article-title: A new intrusion detection system using support vector machines and hierarchical clustering
  publication-title: The VLDB Journal — The International Journal on Very Large Data Bases
  doi: 10.1007/s00778-006-0002-5
  contributor:
    fullname: Thuraisingham
– start-page: 74
  year: 2009
  end-page: 82
  ident: CR46
  article-title: Unsupervised and constrained Dirichlet process mixture models for verb clustering
  publication-title: Proceedings of the Workshop on Geometrical Models of Natural Language Semantics
  doi: 10.3115/1705415.1705425
  contributor:
    fullname: Ghahramani
– start-page: 392
  year: 1998
  end-page: 403
  ident: CR31
  article-title: Algorithms for mining distancebased outliers in large datasets
  publication-title: Proceedings of the 24th International Conference on Very Large Data Bases
  contributor:
    fullname: Ng
– year: 2013
  ident: CR19
  article-title: Applied Network Security Monitoring Collection, Detection, and Analysis
  publication-title: Elsevier
  contributor:
    fullname: Smith
– volume: 80
  start-page: 1699
  issue: 10
  year: 2007
  end-page: 1715
  ident: CR18
  article-title: Building intrusion pattern miner for Snort network intrusion detection system
  publication-title: Journal of Systems and Software
  doi: 10.1016/j.jss.2006.12.546
  contributor:
    fullname: Chen
– volume: 34
  start-page: 2227
  issue: 18
  year: 2011
  end-page: 2235
  ident: CR12
  article-title: Practical real-time intrusion detection using machine learning approaches
  publication-title: Computer Communications
  doi: 10.1016/j.comcom.2011.07.001
  contributor:
    fullname: Charnsripinyo
– volume: 141
  start-page: 217
  issue: 4
  year: 1994
  end-page: 222
  ident: CR29
  article-title: Novelty detection and neural network validation
  publication-title: IEE Proceedings — Vision, Image and Signal Processing
  doi: 10.1049/ip-vis:19941330
  contributor:
    fullname: Bishop
– year: 1978
  ident: CR23
  publication-title: Purves: Statistics
  contributor:
    fullname: Pisani
– year: 1997
  ident: CR21
  publication-title: Data Mining: Challenges and Opportunities for Data Mining During the Next Decade
  contributor:
    fullname: Grossman
– volume: 16
  start-page: 303
  issue: 1
  year: 2014
  end-page: 336
  ident: CR4
  article-title: Network anomaly detection: methods, systems and tools
  publication-title: IEEE Communications Surveys & Tutorials
  doi: 10.1109/SURV.2013.052213.00046
  contributor:
    fullname: Kalita
– start-page: 194
  year: 1995
  end-page: 202
  ident: CR53
  article-title: Supervised and unsupervised discretization of continuous features
  publication-title: Proceedings of the 12th International Conference on Machine Learning
  contributor:
    fullname: Sahami
– volume: 27
  start-page: 802
  issue: 7
  year: 2006
  end-page: 810
  ident: CR7
  article-title: A clustering-based method for unsupervised intrusion detections
  publication-title: Pattern Recognition Letters
  doi: 10.1016/j.patrec.2005.11.007
  contributor:
    fullname: Li
– volume: 27
  start-page: 1569
  issue: 16
  year: 2004
  end-page: 1584
  ident: CR20
  article-title: Anomaly detection methods in wired networks: a survey and taxonomy
  publication-title: Computer Networks
  contributor:
    fullname: Diaz-Verdejo
– year: 1995
  ident: CR27
  article-title: Next Generation Intrusion Detection Expert System (NIDES): A Summary
  publication-title: Menio Park, CA: SRI International, Computer Science Laboratory
  contributor:
    fullname: Valdes
– volume: 25
  start-page: 734
  issue: 4
  year: 2013
  end-page: 750
  ident: CR51
  article-title: A survey of discretization techniques: Taxonomy and empirical analysis in supervised learning
  publication-title: IEEE Transactions on Knowledge and Data Engineering
  doi: 10.1109/TKDE.2012.35
  contributor:
    fullname: Herrera
– start-page: 211
  year: 1999
  end-page: 222
  ident: CR32
  article-title: Finding Intentional Knowledge of Distance-based Outliers
  publication-title: Proceedings of the 25th International Conference on Very Large Data Bases
  contributor:
    fullname: Ng
– start-page: 1702
  year: 2002
  end-page: 1707
  ident: CR16
  article-title: Intrusion detection using neural networks and support vector machines
  publication-title: Proceedings of the 2002 International Joint Conference on Neural Networks
  contributor:
    fullname: Sung
– volume: 66
  start-page: 229
  issue: 2
  year: 1979
  end-page: 236
  ident: CR26
  article-title: Bayesian analysis of some outlier problems in time series
  publication-title: Biometrika
  doi: 10.1093/biomet/66.2.229
  contributor:
    fullname: Box
– volume: 15
  start-page: 11
  issue: 1
  year: 2013
  end-page: 22
  ident: CR50
  article-title: Ensembles for unsupervised outlier detection: challenges and research questions a position paper
  publication-title: ACM SIGKDD Explorations Newsletter
  doi: 10.1145/2594473.2594476
  contributor:
    fullname: Sander
– start-page: 385
  year: 2002
  end-page: 388
  ident: CR30
  article-title: Parzen-window network intrusion detectors
  publication-title: Proceedings of the 16th International Conference on Pattern Recognition
  contributor:
    fullname: Chow
– volume: 30
  start-page: 353
  issue: 6
  year: 2011
  end-page: 375
  ident: CR5
  article-title: Data preprocessing for anomaly based network intrusion detection: a review
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2011.05.008
  contributor:
    fullname: Clark
– volume: 36
  start-page: 29
  year: 2006
  end-page: 48
  ident: CR57
  article-title: One-class classifiers: a review and analysis of suitability in the context of mobile-masquerader detection
  publication-title: South African Computer Journal
  contributor:
    fullname: Mazhelis
– start-page: 1022
  year: 1993
  end-page: 1027
  ident: CR52
  article-title: Multi-interval discretization of continuousvalued attributes for classification learning
  publication-title: Proceedings of the 13th International Joint Conference on Artificial Intelligence
  contributor:
    fullname: Irani
– volume: 2096
  start-page: 299
  year: 2001
  end-page: 308
  ident: CR55
  article-title: Combining one-class classifiers
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/3-540-48219-9_30
  contributor:
    fullname: Duin
– start-page: 501
  year: 2010
  end-page: 505
  ident: CR8
  article-title: Data mining based network intrusion detection system: a survey
  publication-title: Novel Algorithms and Techniques in Telecommunications and Networking.Springer Netherlands
  doi: 10.1007/978-90-481-3662-9_86
  contributor:
    fullname: Mahmood
– volume: 28
  start-page: 301
  issue: 5
  year: 2009
  end-page: 309
  ident: CR11
  article-title: A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2008.12.001
  contributor:
    fullname: Lin
– volume: 5211
  start-page: 505
  year: 2008
  end-page: 519
  ident: CR58
  article-title: One-class classification by combining density and class probability estimation
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/978-3-540-87479-9_51
  contributor:
    fullname: Witten
– volume: 34
  start-page: 62
  issue: 1
  year: 2010
  end-page: 73
  ident: CR2
  article-title: Cyber wars: a paradigm shift from means to ends
  publication-title: Strategic Analysis
  doi: 10.1080/09700160903354450
  contributor:
    fullname: Sharma
– year: 2001
  ident: CR56
  article-title: One-class classification, concept learning in the absence of counter examples
  publication-title: Dissertation for the Doctoral Degree. Delft: Delft University of Technology
  contributor:
    fullname: Tax
– start-page: 211
  year: 2006
  end-page: 218
  ident: CR9
  article-title: Intrusion detection systems using adaptive regression spines
  publication-title: Enterprise Information Systems VI
  doi: 10.1007/1-4020-3675-2_25
  contributor:
    fullname: Filipe
– start-page: 1649
  year: 2009
  end-page: 1652
  ident: CR36
  article-title: LoOP: Local Outlier Probabilities
  publication-title: Proceedings of the 18th ACM conference on Information and knowledge management
  contributor:
    fullname: Zimek
– volume: 36
  start-page: 5605
  issue: 3
  year: 2009
  end-page: 5612
  ident: CR6
  article-title: Data mining-based intrusion detectors
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2008.06.138
  contributor:
    fullname: Yen
– volume: 14
  start-page: 16
  issue: 1
  year: 1999
  end-page: 22
  ident: CR24
  article-title: Elliptical novelty grouping for on-line short-turn detection of excited running rotors
  publication-title: IEEE Transactions on Energy Conversion
  doi: 10.1109/60.749142
  contributor:
    fullname: Kerszenbaum
– volume: 29
  start-page: 427
  issue: 2
  year: 2000
  end-page: 438
  ident: CR34
  article-title: Efficient algorithms for mining outliers from large data sets
  publication-title: ACM SIGMOD Record
  doi: 10.1145/335191.335437
  contributor:
    fullname: Shim
– volume: 239
  start-page: 201
  issue: 1
  year: 2013
  end-page: 225
  ident: CR1
  article-title: Adversarial attacks against intrusion detection systems: taxonomy, solutions and open issues
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2013.03.022
  contributor:
    fullname: Roli
– start-page: 25
  year: 2003
  end-page: 36
  ident: CR49
  article-title: A comparative study of anomaly detection schemes in network intrusion detection
  publication-title: Proceedings of the 2003 SIAM International Conference on Data Mining
  doi: 10.1137/1.9781611972733.3
  contributor:
    fullname: Srivastava
– start-page: 73
  year: 1998
  end-page: 84
  ident: CR40
  article-title: CURE: an efficient clustering algorithm for large databases
  publication-title: Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data
  doi: 10.1145/276304.276312
  contributor:
    fullname: Shim
– volume: 13
  start-page: 222
  issue: 2
  year: 1987
  end-page: 232
  ident: CR3
  article-title: An intrusion-detection model
  publication-title: IEEE Transactions on Software Engineering
  doi: 10.1109/TSE.1987.232894
  contributor:
    fullname: Denning
– volume: 24
  start-page: 5
  issue: 1
  year: 2005
  end-page: 27
  ident: CR45
  article-title: Clustering in dynamic spatial databases
  publication-title: Journal of Intelligent Information Systems
  doi: 10.1007/s10844-005-0265-0
  contributor:
    fullname: Lee
– year: 1990
  ident: CR38
  publication-title: Finding Groups in Data: An Introduction to Cluster Analysis
  doi: 10.1002/9780470316801
  contributor:
    fullname: Rousseeuw
– volume: 9
  start-page: 462
  issue: 2
  year: 2009
  end-page: 469
  ident: CR10
  article-title: Intrusion detection using fuzzy association rules
  publication-title: Applied Soft Computing
  doi: 10.1016/j.asoc.2008.06.001
  contributor:
    fullname: Mirzaei
– start-page: 315
  year: 2003
  end-page: 326
  ident: CR37
  article-title: LOCI: fast outlier detection using the local correlation integral
  publication-title: Proceedings of the 19th IEEE International Conference on Data Engineering
  contributor:
    fullname: Faloutsos
– year: 2005
  ident: CR25
  article-title: OnAbnormality Detection in Spuriously Populated Data Streams
  publication-title: Proceedings of the 2005 SIAM International Conference on Data Mining
  contributor:
    fullname: Aggarwal
– start-page: 144
  year: 1994
  end-page: 155
  ident: CR39
  article-title: Efficient and effective clustering methods for spatial data mining
  publication-title: Proceedings of the 20th International Conference on Very Large Data Bases
  contributor:
    fullname: Han
– volume: 170
  start-page: 29
  year: 2012
  end-page: 44
  ident: CR17
  article-title: Bayesian based intrusion detection system
  publication-title: Lecture Notes in Electrical Engineering
  doi: 10.1007/978-94-007-4786-9_3
  contributor:
    fullname: Altwaijry
– year: 2013
  ident: CR48
  article-title: Evolution of a hybrid model using Dirichlet process clustering technique and naive Bayes cassifier for an effective perimeter security device
  publication-title: Technical Report
  contributor:
    fullname: Selvakumar
– volume: 9
  start-page: 69
  issue: 1
  year: 2008
  end-page: 82
  ident: CR59
  article-title: Intrusion detection in computer networks by a modular ensemble of one-class classifiers
  publication-title: Information Fusion
  doi: 10.1016/j.inffus.2006.10.002
  contributor:
    fullname: Roli
– start-page: 305
  year: 2010
  end-page: 316
  ident: CR14
  article-title: Outside the closed world: on using machine learning for network intrusion detection
  publication-title: Proceedings of IEEE Symposium on Security and Privacy
  contributor:
    fullname: Paxson
– volume: 8171
  start-page: 364
  year: 2013
  end-page: 373
  ident: CR47
  article-title: Anomaly intrusion detection using incremental learning of an infinite mixture model with feature selection
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/978-3-642-41299-8_35
  contributor:
    fullname: Sallay
– start-page: 1
  year: 2011
  end-page: 5
  ident: CR60
  article-title: SSENet-2011: a network intrusion detection system dataset and its comparison with KDD CUP 99 dataset
  publication-title: Proceedings of the 2nd IEEE Asian Himalayas International Conference on Internet (AH-ICI 2011)
  doi: 10.1109/AHICI.2011.6113948
  contributor:
    fullname: Selvakumar
– start-page: 53
  year: 1999
  end-page: 62
  ident: CR28
  article-title: Activity monitoring: noticing interesting changes in behavior
  publication-title: Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
  contributor:
    fullname: Provost
– volume: 8
  start-page: 289
  issue: 3-4
  year: 2000
  end-page: 304
  ident: CR43
  article-title: WaveCluster: a waveletbased clustering approach for spatial data in very large databases
  publication-title: The VLDB Journal—The International Journal on Very Large Data Bases
  doi: 10.1007/s007780050009
  contributor:
    fullname: Zhang
– start-page: 186
  year: 1997
  end-page: 195
  ident: CR44
  article-title: STING: astatistical information grid approach to spatial data mining
  publication-title: Proceedings of the 23rd International Conference on Very Large Data Bases
  contributor:
    fullname: Muntz
– volume: 8
  start-page: 237
  issue: 3-4
  year: 2000
  end-page: 253
  ident: CR33
  article-title: Distance-based outliers: algorithms and applications
  publication-title: The VLDB Journal — The International Journal on Very Large Data Bases
  doi: 10.1007/s007780050006
  contributor:
    fullname: Tucakov
– volume: 31
  start-page: 651
  issue: 8
  year: 2010
  end-page: 666
  ident: CR15
  article-title: Data clustering: 50 years beyond K-means
  publication-title: Pattern Recognition Letters
  doi: 10.1016/j.patrec.2009.09.011
  contributor:
    fullname: Jain
– volume: 8
  start-page: 289
  issue: 3-4
  year: 2000
  ident: 5116_CR43
  publication-title: The VLDB Journal—The International Journal on Very Large Data Bases
  doi: 10.1007/s007780050009
  contributor:
    fullname: G Sheikholeslami
– volume: 170
  start-page: 29
  year: 2012
  ident: 5116_CR17
  publication-title: Lecture Notes in Electrical Engineering
  doi: 10.1007/978-94-007-4786-9_3
  contributor:
    fullname: H Altwaijry
– volume: 34
  start-page: 62
  issue: 1
  year: 2010
  ident: 5116_CR2
  publication-title: Strategic Analysis
  doi: 10.1080/09700160903354450
  contributor:
    fullname: A Sharma
– volume: 36
  start-page: 5605
  issue: 3
  year: 2009
  ident: 5116_CR6
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2008.06.138
  contributor:
    fullname: S Y Wu
– volume: 80
  start-page: 1699
  issue: 10
  year: 2007
  ident: 5116_CR18
  publication-title: Journal of Systems and Software
  doi: 10.1016/j.jss.2006.12.546
  contributor:
    fullname: L C Wuu
– volume: 8
  start-page: 237
  issue: 3-4
  year: 2000
  ident: 5116_CR33
  publication-title: The VLDB Journal — The International Journal on Very Large Data Bases
  doi: 10.1007/s007780050006
  contributor:
    fullname: E M Knorr
– volume: 16
  start-page: 303
  issue: 1
  year: 2014
  ident: 5116_CR4
  publication-title: IEEE Communications Surveys & Tutorials
  doi: 10.1109/SURV.2013.052213.00046
  contributor:
    fullname: M H Bhuyan
– volume-title: Menio Park, CA: SRI International, Computer Science Laboratory
  year: 1995
  ident: 5116_CR27
  contributor:
    fullname: D Anderson
– volume: 29
  start-page: 427
  issue: 2
  year: 2000
  ident: 5116_CR34
  publication-title: ACM SIGMOD Record
  doi: 10.1145/335191.335437
  contributor:
    fullname: S Ramaswamy
– volume: 25
  start-page: 734
  issue: 4
  year: 2013
  ident: 5116_CR51
  publication-title: IEEE Transactions on Knowledge and Data Engineering
  doi: 10.1109/TKDE.2012.35
  contributor:
    fullname: S Garcia
– start-page: 385
  volume-title: Proceedings of the 16th International Conference on Pattern Recognition
  year: 2002
  ident: 5116_CR30
  contributor:
    fullname: D Y Yeung
– start-page: 501
  volume-title: Novel Algorithms and Techniques in Telecommunications and Networking.Springer Netherlands
  year: 2010
  ident: 5116_CR8
  doi: 10.1007/978-90-481-3662-9_86
  contributor:
    fullname: R GM Helali
– volume-title: Data Mining: Challenges and Opportunities for Data Mining During the Next Decade
  year: 1997
  ident: 5116_CR21
  contributor:
    fullname: R L Grossman
– volume: 141
  start-page: 217
  issue: 4
  year: 1994
  ident: 5116_CR29
  publication-title: IEE Proceedings — Vision, Image and Signal Processing
  doi: 10.1049/ip-vis:19941330
  contributor:
    fullname: C Bishop
– volume: 36
  start-page: 29
  year: 2006
  ident: 5116_CR57
  publication-title: South African Computer Journal
  contributor:
    fullname: O Mazhelis
– start-page: 1649
  volume-title: Proceedings of the 18th ACM conference on Information and knowledge management
  year: 2009
  ident: 5116_CR36
  doi: 10.1145/1645953.1646195
  contributor:
    fullname: H P Kriegel
– start-page: 1022
  volume-title: Proceedings of the 13th International Joint Conference on Artificial Intelligence
  year: 1993
  ident: 5116_CR52
  contributor:
    fullname: U M Fayyad
– start-page: 315
  volume-title: Proceedings of the 19th IEEE International Conference on Data Engineering
  year: 2003
  ident: 5116_CR37
  contributor:
    fullname: S Papadimitriou
– start-page: 144
  volume-title: Proceedings of the 20th International Conference on Very Large Data Bases
  year: 1994
  ident: 5116_CR39
  contributor:
    fullname: R T Ng
– start-page: 1702
  volume-title: Proceedings of the 2002 International Joint Conference on Neural Networks
  year: 2002
  ident: 5116_CR16
  contributor:
    fullname: S Mukkamala
– volume: 9
  start-page: 462
  issue: 2
  year: 2009
  ident: 5116_CR10
  publication-title: Applied Soft Computing
  doi: 10.1016/j.asoc.2008.06.001
  contributor:
    fullname: A Tajbakhsh
– start-page: 371
  volume-title: Proceedings of the 15th Annual Conference on Computer Security Applications
  year: 1999
  ident: 5116_CR13
  doi: 10.1109/CSAC.1999.816048
  contributor:
    fullname: C Sinclair
– volume: 13
  start-page: 1
  issue: 1
  year: 2013
  ident: 5116_CR22
  publication-title: ICST Transactions on Scalable Information Systems
  doi: 10.4108/trans.sis.2013.01-03.e2
  contributor:
    fullname: J Zhang
– volume: 31
  start-page: 651
  issue: 8
  year: 2010
  ident: 5116_CR15
  publication-title: Pattern Recognition Letters
  doi: 10.1016/j.patrec.2009.09.011
  contributor:
    fullname: A K Jain
– volume: 34
  start-page: 2227
  issue: 18
  year: 2011
  ident: 5116_CR12
  publication-title: Computer Communications
  doi: 10.1016/j.comcom.2011.07.001
  contributor:
    fullname: P Sangkatsanee
– volume: 27
  start-page: 1569
  issue: 16
  year: 2004
  ident: 5116_CR20
  publication-title: Computer Networks
  contributor:
    fullname: J M Estevez-Tapiador
– volume: 239
  start-page: 201
  issue: 1
  year: 2013
  ident: 5116_CR1
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2013.03.022
  contributor:
    fullname: I Corona
– volume-title: Finding Groups in Data: An Introduction to Cluster Analysis
  year: 1990
  ident: 5116_CR38
  doi: 10.1002/9780470316801
  contributor:
    fullname: L Kaufman
– volume: 14
  start-page: 16
  issue: 1
  year: 1999
  ident: 5116_CR24
  publication-title: IEEE Transactions on Energy Conversion
  doi: 10.1109/60.749142
  contributor:
    fullname: S E Guttõrmsson
– volume: 15
  start-page: 11
  issue: 1
  year: 2013
  ident: 5116_CR50
  publication-title: ACM SIGKDD Explorations Newsletter
  doi: 10.1145/2594473.2594476
  contributor:
    fullname: A Zimek
– volume-title: Technical Report
  year: 2013
  ident: 5116_CR48
  contributor:
    fullname: A R Vasudevan
– volume: 30
  start-page: 353
  issue: 6
  year: 2011
  ident: 5116_CR5
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2011.05.008
  contributor:
    fullname: J J Davis
– volume: 27
  start-page: 802
  issue: 7
  year: 2006
  ident: 5116_CR7
  publication-title: Pattern Recognition Letters
  doi: 10.1016/j.patrec.2005.11.007
  contributor:
    fullname: S Y Jiang
– volume: 2096
  start-page: 299
  year: 2001
  ident: 5116_CR55
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/3-540-48219-9_30
  contributor:
    fullname: DMJ Tax
– start-page: 305
  volume-title: Proceedings of IEEE Symposium on Security and Privacy
  year: 2010
  ident: 5116_CR14
  contributor:
    fullname: R Sommer
– volume: 13
  start-page: 222
  issue: 2
  year: 1987
  ident: 5116_CR3
  publication-title: IEEE Transactions on Software Engineering
  doi: 10.1109/TSE.1987.232894
  contributor:
    fullname: D E Denning
– volume: 24
  start-page: 5
  issue: 1
  year: 2005
  ident: 5116_CR45
  publication-title: Journal of Intelligent Information Systems
  doi: 10.1007/s10844-005-0265-0
  contributor:
    fullname: J Zhang
– start-page: 392
  volume-title: Proceedings of the 24th International Conference on Very Large Data Bases
  year: 1998
  ident: 5116_CR31
  contributor:
    fullname: E M Knorr
– start-page: 211
  volume-title: Proceedings of the 25th International Conference on Very Large Data Bases
  year: 1999
  ident: 5116_CR32
  contributor:
    fullname: E M Knorr
– start-page: 74
  volume-title: Proceedings of the Workshop on Geometrical Models of Natural Language Semantics
  year: 2009
  ident: 5116_CR46
  doi: 10.3115/1705415.1705425
  contributor:
    fullname: A lachos
– volume: 5211
  start-page: 505
  year: 2008
  ident: 5116_CR58
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/978-3-540-87479-9_51
  contributor:
    fullname: K Hempstalk
– volume: 9
  start-page: 69
  issue: 1
  year: 2008
  ident: 5116_CR59
  publication-title: Information Fusion
  doi: 10.1016/j.inffus.2006.10.002
  contributor:
    fullname: G Giacinto
– volume-title: Proceedings of the 2005 SIAM International Conference on Data Mining
  year: 2005
  ident: 5116_CR25
  contributor:
    fullname: C C Aggarwal
– start-page: 1
  volume-title: Proceedings of the 2nd IEEE Asian Himalayas International Conference on Internet (AH-ICI 2011)
  year: 2011
  ident: 5116_CR60
  doi: 10.1109/AHICI.2011.6113948
  contributor:
    fullname: A R Vasudevan
– volume: 29
  start-page: 93
  issue: 2
  year: 2000
  ident: 5116_CR35
  publication-title: ACM SIGMOD Record
  doi: 10.1145/335191.335388
  contributor:
    fullname: MM Breunig
– start-page: 211
  volume-title: Enterprise Information Systems VI
  year: 2006
  ident: 5116_CR9
  doi: 10.1007/1-4020-3675-2_25
  contributor:
    fullname: S Mukkamala
– start-page: 186
  volume-title: Proceedings of the 23rd International Conference on Very Large Data Bases
  year: 1997
  ident: 5116_CR44
  contributor:
    fullname: W Wang
– volume-title: Dissertation for the Doctoral Degree. Delft: Delft University of Technology
  year: 2001
  ident: 5116_CR56
  contributor:
    fullname: D M J Tax
– start-page: 53
  volume-title: Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
  year: 1999
  ident: 5116_CR28
  doi: 10.1145/312129.312195
  contributor:
    fullname: T Fawcett
– start-page: 73
  volume-title: Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data
  year: 1998
  ident: 5116_CR40
  doi: 10.1145/276304.276312
  contributor:
    fullname: S Guha
– volume: 8171
  start-page: 364
  year: 2013
  ident: 5116_CR47
  publication-title: Lecture Notes in Computer Science
  doi: 10.1007/978-3-642-41299-8_35
  contributor:
    fullname: W Fan
– volume: 32
  start-page: 68
  issue: 8
  year: 1999
  ident: 5116_CR42
  publication-title: Computer
  doi: 10.1109/2.781637
  contributor:
    fullname: G Karypis
– start-page: 797
  volume-title: Proceedings of World Congress on Neural Networks
  year: 1993
  ident: 5116_CR54
  contributor:
    fullname: M M Moya
– volume-title: Purves: Statistics
  year: 1978
  ident: 5116_CR23
  contributor:
    fullname: D Freedman
– start-page: 25
  volume-title: Proceedings of the 2003 SIAM International Conference on Data Mining
  year: 2003
  ident: 5116_CR49
  doi: 10.1137/1.9781611972733.3
  contributor:
    fullname: A Lazarevic
– volume: 66
  start-page: 229
  issue: 2
  year: 1979
  ident: 5116_CR26
  publication-title: Biometrika
  doi: 10.1093/biomet/66.2.229
  contributor:
    fullname: B Abraham
– volume-title: Elsevier
  year: 2013
  ident: 5116_CR19
  contributor:
    fullname: C Sanders
– start-page: 194
  volume-title: Proceedings of the 12th International Conference on Machine Learning
  year: 1995
  ident: 5116_CR53
  contributor:
    fullname: J Dougherty
– volume: 28
  start-page: 301
  issue: 5
  year: 2009
  ident: 5116_CR11
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2008.12.001
  contributor:
    fullname: M Y Su
– volume: 16
  start-page: 507
  issue: 4
  year: 2007
  ident: 5116_CR41
  publication-title: The VLDB Journal — The International Journal on Very Large Data Bases
  doi: 10.1007/s00778-006-0002-5
  contributor:
    fullname: L Khan
SSID ssj0002025522
Score 2.1527631
Snippet Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered...
Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered...
SourceID proquest
crossref
springer
higheredpress
chongqing
SourceType Aggregation Database
Publisher
StartPage 755
SubjectTerms Classifiers
Clustering
Communications traffic
Computer Science
Data analysis
Data mining
Datasets
Deviation
Dirichlet
Dirichlet problem
Discretizer
DP clustering
False alarms
hierarchical model
Intrusion detection systems
LOF
Machine learning
NIDS
one class classifier
Outliers (statistics)
Research Article
Supervised learning
Traffic models
分类器
因子和
局部异常因子
层次模型
数据集
监督学习
网络入侵检测系统
SummonAdditionalLinks – databaseName: ProQuest Technology Collection
  dbid: 8FG
  link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8QwEB58XATxLa4vcvCkhO0zSU8i4rqIelLwVpImUS_dle3_8C87k7a7rKCXUkgaKF_S-TrzzQzAhUEWriuruLG54xnuCa4yPFex0ZEXaJ9McLg9PYvxa_bwlr-twLjPhSFZZf9NDB9qO6nIRz5MiljJhCzKUBvyAlTN8Hr6xal_FMVZu2Yaq7AeU008yhkf3c-9LQlR5xBSSJBTcHJ79CHOkEcXyyDGyDnyD8EVFVr4mNTvX2g-lgzW5kdQXzgbVKpLrPRXIDXYp9EObHXEkt20O2EXVly9B9t90wbWneF9-H4k68VICIQWkbX9dpiuLZuRVxxXZpPasYpYdXv99DSRzJ1l1Dk7xB5ojdBFhyHrZdY1QdJVs4lnumkocZ991qxuReZ4S7kdNL6YSdrUmWsO4HV093I75l1XBl4hl2q4VoV3SsXemcjnKTKWSmbCCGWoEk1kEp2KwkZOVi6KnSysxj_MVOfKeoRepekhrNX4IkfApC-0I5Gt1xKJXKSyxEgj8Q-KCvOlZgAncxjKaVt9oxSCaiAiixvAZQ_MfHBRhJkQLRHRkhAt1QDiJehKT_UhqNv4f8-c9vCW3cmelYt9OICrHvLF8J-LHf-_2AlsIBUTrbTwFNYQFXeGdKcx52En_wDaw_v1
  priority: 102
  providerName: ProQuest
Title Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset
URI http://lib.cqvip.com/qk/71018X/201604/669659441.html
https://journal.hep.com.cn/fcs/EN/10.1007/s11704-015-5116-8
https://link.springer.com/article/10.1007/s11704-015-5116-8
https://www.proquest.com/docview/2918720242/abstract/
Volume 10
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1Na9wwEB2SzaVQmn7SbdKgQ08tWvwpyce0ZBPSNpTSQHoykiUlIaBtWeeSP9G_3BnZXrNtEshld0FaGTNjzfPM0xuAdwZRuG6s4saWjhfoE1wV-FylRideYHwyMeH29UQcnRbHZ-XZBmSr1EW4mg0VybhRj2fdUhkJEyVHjCC42oStkrpST2Br__Dn5zGzkhFMjuWDDPEDpxTHUM68bR0SVbhYhPPfeM214PT4IjItnI2M1DUE-k_RNMai-XZ3PnAZJQyJgnI1u27NrLn5X-DxAbf5FJ700JTtd770DDZceA7bQ9sH1u8CL-DPF4p_jKhEGFNZ17GH6WDZkvLqeC22CI41hMu7z0tPEylgWka9t2P1gtaIfXgY4mZmXRtJYYEtPNNtS0f_2WVgoaOp4086HULj40xity5d-xJO5wc_Ph3xvq8DbxCNtVyryjulUu9M4sscMU8jC2GEMqRlk5hM56KyiZONS1InK6vxHTXXpbIenUfl-SuYBLyR18Ckr7Qjmq7XEqFgoorMSCPxHYyk_XIzhZ2VcetfnX5HLQSpKCIOnML7wdyrwVHGmQxRoyFqMkStppCuOUTtSWGC-pXf95_dwWnqfm9Y1lmVKpkRNprCh8EJxuE7F3vzoNk78Aixnei4irswQSO5t4ifWrMHm2p-uNc_Nvj98eDk2_e_pBITLA
link.rule.ids 315,786,790,12792,21416,27957,27958,33408,33779,41116,42185,43635,43840,52146
linkProvider Springer Nature
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1NT9wwEB1ROFAJla9WbPmoD5xAVvNpO6eqQixLWTiBxM2yY7twyYI2_4O_zIyT7GorlUu0krOWomfnvcw8zwCcWlThpnaKW1d6XuCa4KrAfZVakwSB_GRjwO32Tkweij-P5WMfcJv3tsrhnRhf1G5WU4z8Z1alSmbEKL9eXjl1jaLsat9C4xNsFDlSJ50UH18tYiwZCeaYSMhQSXAKdgyJzXh6LpXRglFyVB2CKyqv8DRr_r4iaazQ1NZT9Fx4F72pK1r0n_RpZKXxDnzp5ST73eG_C2u-2YPtoVUD63fuPrxNibMY2X-QB1nXZYeZxrE5xcJxZjZrPKtJS3fX50A3Esk5Rv2yY8aB5oi9cxhqXeZ8G41cDZsFZtqWjuuz54Y1nbUcf9KJDhpf3kmO1Llvv8LD-PL-YsL7Xgy8RgXVcqOq4JVKg7dJKHPUKbUshBXKUv2ZxGYmF5VLvKx9knpZOYPflbkplQsIuMrzb7De4IMcAJOhMp6stcFIlG-JKjIrrcTvJirHl9sRHC5g0C9dzQ0tBFU-RO02grMBmMXgsvQyIaoRUU2IajWCdAU6HagqBPUY_-g_RwO8ut_Pc71cfSM4HyBfDv93su8fT_YDNif3t1M9vb67OYTPKMZEZy48gnVEyB-j4GntSVzV75OA-yM
linkToPdf http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1daxUxEB20BRGK9av02qp58ElJu59J9rGo12pr8cFCfYrJJrFFyK3c9cU_4V92Jrvb5RYVxJdlIdksYSY7ZzMnZwCeWUThpnWKW1d7XqFPcFXhusqtyYLA-GTThtv7E3F4Wr07q8-GOqfLke0-piT7Mw2k0hS7_UsX9qeDb7lM7ImaI2AQXN2E9QpXLbr4-sGbT0fTNktBmDnlEgoEE5z2O8bc5u_GIYWF80X88g3fvxKpNs4T7cK7RE9dgaPXMqgpMM034fM4pZ6P8nXve2f32h_X1B7_Y8534c4AWtlB72X34IaP92FzLAjBhu_DA_h5TJGREckIoy3ra_kwEx1b0o47vpctomctIfb-ehGoI4VSx6gqd8pr0BipQg9DRM2c7xJdLLJFYKbrSBSAXUQWewI73tK5EWqfehLvdem7h3A6f_3x5SEfKj7wFnFax41qglcqD95moS4RDbWyElYoSyo3mS1MKRqXedn6LPeycQb_XktTKxfQrVRZbsFaxIlsA5OhMZ4IvMFIBImZqgorrcS_MxL9K-0Mdq4srS97ZQ8tBOkrIkKcwfPR9leNk8AzGUKjITQZQqsZ5CveoQNpT1Al8789szt6kB6-GktdNLmSBaGmGbwYHWJq_uNgj_6p91O49eHVXB-_PTnagdsIAEVPaNyFNbSXf4wgq7NPhoX0CywAHVs
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Local+outlier+factor+and+stronger+one+class+classifier+based+hierarchical+model+for+detection+of+attacks+in+network+intrusion+detection+dataset&rft.jtitle=Frontiers+of+Computer+Science&rft.au=Vasudevan%2C+Alampallam+Ramaswamy&rft.au=Selvakumar%2C+Subramanian&rft.date=2016-08-01&rft.pub=Higher+Education+Press&rft.issn=2095-2228&rft.eissn=2095-2236&rft.volume=10&rft.issue=4&rft.spage=755&rft.epage=766&rft_id=info:doi/10.1007%2Fs11704-015-5116-8&rft.externalDocID=10_1007_s11704_015_5116_8
thumbnail_s http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fimage.cqvip.com%2Fvip1000%2Fqk%2F71018X%2F71018X.jpg