Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset
Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier det...
Saved in:
Published in | Frontiers of Computer Science Vol. 10; no. 4; pp. 755 - 766 |
---|---|
Main Authors | , |
Format | Journal Article |
Language | English |
Published |
Beijing
Higher Education Press
01.08.2016
Springer Nature B.V |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms. |
---|---|
AbstractList | Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modeled, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/ attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichlet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the threemethods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP’99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms. Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms. |
Author | Alampallam Ramaswamy VASUDEVAN Subramanian SELVAKUMAR |
AuthorAffiliation | CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India |
Author_xml | – sequence: 1 givenname: Alampallam Ramaswamy surname: VASUDEVAN fullname: VASUDEVAN, Alampallam Ramaswamy organization: CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India – sequence: 2 givenname: Subramanian surname: SELVAKUMAR fullname: SELVAKUMAR, Subramanian email: ssk@nitt.edu organization: CDBR-SSE Lab, Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli (NITT), Tiruchirappalli 620015, India |
BookMark | eNp9kcFOHSEUhomxSdX6AN0Ru572ADMMLBujtslNumnXhIGDMzoOV-DG-BS-cpmM0Z0bOIH__8_Jd07J8RIXJOQrg-8MoP-RGeuhbYB1TceYbNQROeGgu4ZzIY_faq4-k_Oc7wCAA-86zk_Iyy46O9N4KPOEiQbrSkzULp7mkuJyW99qL-pmm_N2TmEVDjajp2MtbXLjtGY8RI8zDdXusaArU1xoDNSWYt19ptNCFyxPMd3XsqRDXv_fld6WGlm-kE_BzhnPX-8z8u_66u_lr2b35-b35c9d44TmpbFKB1SKBRwgdEJK4fpWDlINrQIGA7dCag_YOwSGvfaWQS9sp3zQDJQQZ-TblrtP8fGAuZi7eEhLbWm4ZqqvgFpeVWxTuRRzThjMPk0PNj0bBmZFbzb0pqI3K3qjqodvnly1K8D35I9MajON0-2ICf0-Yc4m1BWUyvhj68XrjGPd12Nt-TaklFp2um2Z-A9uf6gQ |
CitedBy_id | crossref_primary_10_1016_j_apenergy_2020_115402 crossref_primary_10_1016_j_jksuci_2019_08_003 crossref_primary_10_3390_iot1010006 crossref_primary_10_3390_app10175811 crossref_primary_10_3390_s22239144 crossref_primary_10_1007_s11771_019_4233_1 crossref_primary_10_1007_s11227_022_04459_7 |
Cites_doi | 10.4108/trans.sis.2013.01-03.e2 10.1109/CSAC.1999.816048 10.1145/335191.335388 10.1109/2.781637 10.1007/s00778-006-0002-5 10.3115/1705415.1705425 10.1016/j.jss.2006.12.546 10.1016/j.comcom.2011.07.001 10.1049/ip-vis:19941330 10.1109/SURV.2013.052213.00046 10.1016/j.patrec.2005.11.007 10.1109/TKDE.2012.35 10.1093/biomet/66.2.229 10.1145/2594473.2594476 10.1016/j.cose.2011.05.008 10.1007/3-540-48219-9_30 10.1007/978-90-481-3662-9_86 10.1016/j.cose.2008.12.001 10.1007/978-3-540-87479-9_51 10.1080/09700160903354450 10.1007/1-4020-3675-2_25 10.1016/j.eswa.2008.06.138 10.1109/60.749142 10.1145/335191.335437 10.1016/j.ins.2013.03.022 10.1137/1.9781611972733.3 10.1145/276304.276312 10.1109/TSE.1987.232894 10.1007/s10844-005-0265-0 10.1002/9780470316801 10.1016/j.asoc.2008.06.001 10.1007/978-94-007-4786-9_3 10.1016/j.inffus.2006.10.002 10.1007/978-3-642-41299-8_35 10.1109/AHICI.2011.6113948 10.1007/s007780050009 10.1007/s007780050006 10.1016/j.patrec.2009.09.011 10.1145/1645953.1646195 10.1145/312129.312195 |
ContentType | Journal Article |
Copyright | Copyright reserved, 2016, Higher Education Press and Springer-Verlag Berlin Heidelberg Higher Education Press and Springer-Verlag Berlin Heidelberg 2016 Higher Education Press and Springer-Verlag Berlin Heidelberg 2016. |
Copyright_xml | – notice: Copyright reserved, 2016, Higher Education Press and Springer-Verlag Berlin Heidelberg – notice: Higher Education Press and Springer-Verlag Berlin Heidelberg 2016 – notice: Higher Education Press and Springer-Verlag Berlin Heidelberg 2016. |
DBID | 2RA 92L CQIGP W92 ~WA AAYXX CITATION 8FE 8FG AFKRA ARAPS AZQEC BENPR BGLVJ CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- P5Z P62 PQEST PQQKQ PQUKI |
DOI | 10.1007/s11704-015-5116-8 |
DatabaseName | 维普_期刊 中文科技期刊数据库-CALIS站点 维普中文期刊数据库 中文科技期刊数据库-工程技术 中文科技期刊数据库- 镜像站点 CrossRef ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central UK/Ireland Advanced Technologies & Aerospace Database (1962 - current) ProQuest Central Essentials ProQuest Central Technology Collection ProQuest One Community College ProQuest Central ProQuest Central Student SciTech Premium Collection (Proquest) (PQ_SDU_P3) ProQuest Computer Science Collection Computer Science Database ProQuest Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Academic ProQuest One Academic UKI Edition |
DatabaseTitle | CrossRef Advanced Technologies & Aerospace Collection Computer Science Database ProQuest Central Student Technology Collection ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection ProQuest One Academic Eastern Edition SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central Advanced Technologies & Aerospace Database ProQuest One Academic UKI Edition ProQuest Central Korea ProQuest One Academic |
DatabaseTitleList | Advanced Technologies & Aerospace Collection |
Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Computer Science |
DocumentTitleAlternate | Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset |
EISSN | 2095-2236 |
EndPage | 766 |
ExternalDocumentID | 10_1007_s11704_015_5116_8 10.1007/s11704-015-5116-8 669659441 |
GroupedDBID | -EM .VR 06D 0VY 1-T 2J2 2JN 2JY 2KG 2KM 2LR 2RA 30V 4.4 406 408 40E 5VS 92L 95- 95. 96X AABHQ AAFGU AAIAL AAJKR AANZL AARHV AARTL AATLR AATNV AATVU AAUYE AAWCG AAYFA AAYIU AAYQN AAYTO ABDZT ABECU ABFGW ABFTD ABFTV ABHQN ABJNI ABJOX ABKAS ABKCH ABMQK ABNWP ABQBU ABSXP ABTEG ABTHY ABTKH ABTMW ABWNU ABXPI ACAOD ACBMV ACBRV ACBXY ACGFS ACHSB ACHXU ACIPQ ACKNC ACMDZ ACMLO ACOKC ACSNA ACTTH ACVWB ACWMK ACZOJ ADHIR ADINQ ADKNI ADKPE ADMDM ADOXG ADRFC ADTPH ADURQ ADYFF ADZKW AEBTG AEFTE AEGNC AEJHL AEJRE AEKMD AENEX AEOHA AEPYU AESKC AESTI AETLH AEVLU AEVTX AEXYK AFKRA AFLOW AFNRJ AFQWF AFWTZ AFZKB AGAYW AGDGC AGGBP AGJBK AGMZJ AGQMX AGWIL AGWZB AGYKE AHBYD AHKAY AHSBF AHYZX AIAKS AIIXL AILAN AIMYW AITGF AJBLW AJDOV AJRNO AJZVZ ALMA_UNASSIGNED_HOLDINGS ALWAN AMKLP AMXSW AMYLF AOCGG ARAPS ARMRJ AXYYD B-. BDATZ BENPR BGLVJ BGNMA CQIGP CSCUP DDRTE DNIVK DPUIP EBLON EBS EIOEI EJD ESBYG FERAY FFXSO FIGPU FINBP FNLPD FRRFC FSGXE FWDCC GGCAI GGRSB GJIRD GNWQR GQ6 GQ7 HCIFZ HF~ HG6 HMJXF HRMNR HZ~ IKXTQ IWAJR IXD I~Z J-C JBSCW JZLTJ K7- KOV LLZTM M4Y MA- NPVJJ NQJWS NU0 O9J P4S PF0 PT4 R89 ROL RSV S16 S3B SAP SCL SCO SHX SISQX SNE SNPRN SNX SOHCF SOJ SPISZ SRMVM SSLCW STPWE SZN TSG TUC UG4 UNUBA UOJIU UTJUX UZXMN VFIZW W48 W92 YLTOR Z7R Z7X Z81 Z83 Z88 ZMTXR ~WA AEMSY AGQEE CCPQU AASML ABAKF ABMYL AEFQL AFBBN AGRTI AIGIU 0R~ AACDK AAJBT AAYXX ACDTI CITATION H13 SJYHP 8FE 8FG AZQEC DWQXO GNUQQ JQ2 P62 PQEST PQQKQ PQUKI |
ID | FETCH-LOGICAL-c392t-a89fe881feb0f53663c746b68b48010b2a369d0e7ce01e79da1073a58df910833 |
IEDL.DBID | AGYKE |
ISSN | 2095-2228 |
IngestDate | Fri Sep 13 09:42:58 EDT 2024 Thu Sep 12 19:45:52 EDT 2024 Tue Mar 19 07:24:17 EDT 2024 Tue Feb 27 04:43:01 EST 2024 Wed Feb 14 10:23:29 EST 2024 |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 4 |
Keywords | LOF hierarchical model one class classifier DP clustering NIDS Discretizer |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-c392t-a89fe881feb0f53663c746b68b48010b2a369d0e7ce01e79da1073a58df910833 |
Notes | hierarchical model, DP clustering, LOF, Dis-cretizer, one class classifier, NIDS 11-5731/TP Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered attacks are modded, and signatures/rules are extracted. These rules are used to detect such attacks in future, but in anomaly or outlier detection system, the normal network traffic is modeled. Any deviation from the normal model is deemed to be an outlier/attack. Data mining and machine learning techniques are widely used in offline NIDS. Unsupervised and supervised learning techniques differ the way NIDS dataset is treated. The characteristic features of unsupervised and supervised learning are finding patterns in data, detecting outliers, and determining a learned function for input features, generalizing the data instances respectively. The intuition is that if these two techniques are combined, better performance may be obtained. Hence, in this paper the advantages of unsupervised and supervised techniques are inherited in the proposed hierarchical model and devised into three stages to detect attacks in NIDS dataset. NIDS dataset is clustered using Dirichiet process (DP) clustering based on the underlying data distribution. Iteratively on each cluster, local denser areas are identified using local outlier factor (LOF) which in turn is discretized into four bins of separation based on LOF score. Further, in each bin the normal data instances are modeled using one class classifier (OCC). A combination of Density Estimation method, Reconstruction method, and Boundary methods are used for OCC model. A product rule combination of the three methods takes into consideration the strengths of each method in building a stronger OCC model. Any deviation from this model is considered as an attack. Experiments are conducted on KDD CUP'99 and SSENet-2011 datasets. The results show that the proposed model is able to identify attacks with higher detection rate and low false alarms. LOF Document accepted on :2015-10-15 one class classifier Document received on :2015-03-23 DP clustering hierarchical model NIDS Discretizer |
PQID | 2918720242 |
PQPubID | 2044369 |
PageCount | 12 |
ParticipantIDs | proquest_journals_2918720242 crossref_primary_10_1007_s11704_015_5116_8 springer_journals_10_1007_s11704_015_5116_8 higheredpress_frontiers_10_1007_s11704_015_5116_8 chongqing_primary_669659441 |
PublicationCentury | 2000 |
PublicationDate | 2016-08-01 |
PublicationDateYYYYMMDD | 2016-08-01 |
PublicationDate_xml | – month: 08 year: 2016 text: 2016-08-01 day: 01 |
PublicationDecade | 2010 |
PublicationPlace | Beijing |
PublicationPlace_xml | – name: Beijing – name: Heidelberg |
PublicationSubtitle | Selected Publications from Chinese Universities |
PublicationTitle | Frontiers of Computer Science |
PublicationTitleAbbrev | Front. Comput. Sci |
PublicationTitleAlternate | Frontiers of Computer Science in China |
PublicationYear | 2016 |
Publisher | Higher Education Press Springer Nature B.V |
Publisher_xml | – name: Higher Education Press – name: Springer Nature B.V |
References | Mukkamala, Janoski, Sung (CR16) 2002 Tax, Duin (CR55) 2001; 2096 Grossman (CR21) 1997 Kriegel, Kröger, Schubert, Zimek (CR36) 2009 Vasudevan, Harshini, Selvakumar (CR60) 2011 Wang, Yang, Muntz (CR44) 1997 Guttõrmsson, Marks, El-Sharkawi, Kerszenbaum (CR24) 1999; 14 Sanders, Smith (CR19) 2013 Jiang, Song, Wang, Han, Li (CR7) 2006; 27 Wu, Yen (CR6) 2009; 36 Denning (CR3) 1987; 13 Sinclair, Pierce, Matzner (CR13) 1999 Knorr, Ng (CR32) 1999 Vasudevan, Selvakumar (CR48) 2013 Lazarevic, Ertöz, Kumar, Ozgur, Srivastava (CR49) 2003 Su, Yu, Lin (CR11) 2009; 28 Mukkamala, Sung, Abraham, Ramos, Seruca, Cordeiro, Hammoudi, Filipe (CR9) 2006 Knorr, Ng, Tucakov (CR33) 2000; 8 Aggarwal (CR25) 2005 Mazhelis (CR57) 2006; 36 Tajbakhsh, Rahmati, Mirzaei (CR10) 2009; 9 Fawcett, Provost (CR28) 1999 Giacinto, Perdisci, Del Rio, Roli (CR59) 2008; 9 Bishop (CR29) 1994; 141 Altwaijry (CR17) 2012; 170 Helali, Sobh, Elleithy, Mahmood (CR8) 2010 Sheikholeslami, Chatterjee, Zhang (CR43) 2000; 8 Garcia, Luengo, Sáez, López, Herrera (CR51) 2013; 25 Ramaswamy, Rastogi, Shim (CR34) 2000; 29 Moya, Koch, Hostetler (CR54) 1993 Khan, Awad, Thuraisingham (CR41) 2007; 16 Tax (CR56) 2001 Estevez-Tapiador, Garcia-Teodoro, Diaz-Verdejo (CR20) 2004; 27 Sharma (CR2) 2010; 34 Anderson, Frivold, Valdes (CR27) 1995 Jain (CR15) 2010; 31 Freedman, Pisani (CR23) 1978 Yeung, Chow (CR30) 2002 Papadimitriou, Kitagawa, Gibbons, Faloutsos (CR37) 2003 Zhang, Hsu, Lee (CR45) 2005; 24 Kaufman, Rousseeuw (CR38) 1990 Zimek, Campello, Sander (CR50) 2013; 15 Wuu, Hung, Chen (CR18) 2007; 80 Fan, Bouguila, Sallay (CR47) 2013; 8171 Zhang (CR22) 2013; 13 Ng, Han (CR39) 1994 Karypis, Han, Kumar (CR42) 1999; 32 lachos, Korhonen, Ghahramani (CR46) 2009 Dougherty, Kohavi, Sahami (CR53) 1995 Sangkatsanee, Wattanapongsakorn, Charnsripinyo (CR12) 2011; 34 Abraham, Box (CR26) 1979; 66 Guha, Rastogi, Shim (CR40) 1998 Hempstalk, Frank, Witten (CR58) 2008; 5211 Davis, Clark (CR5) 2011; 30 Corona, Giacinto, Roli (CR1) 2013; 239 Bhuyan, Bhattacharyya, Kalita (CR4) 2014; 16 Breunig, Kriegel, Ng, Sander (CR35) 2000; 29 Fayyad, Irani (CR52) 1993 Sommer, Paxson (CR14) 2010 Knorr, Ng (CR31) 1998 S Mukkamala (5116_CR9) 2006 O Mazhelis (5116_CR57) 2006; 36 MM Breunig (5116_CR35) 2000; 29 A Lazarevic (5116_CR49) 2003 C Sinclair (5116_CR13) 1999 H Altwaijry (5116_CR17) 2012; 170 E M Knorr (5116_CR32) 1999 R GM Helali (5116_CR8) 2010 B Abraham (5116_CR26) 1979; 66 H P Kriegel (5116_CR36) 2009 J J Davis (5116_CR5) 2011; 30 S Guha (5116_CR40) 1998 W Fan (5116_CR47) 2013; 8171 S Papadimitriou (5116_CR37) 2003 J M Estevez-Tapiador (5116_CR20) 2004; 27 C Bishop (5116_CR29) 1994; 141 R T Ng (5116_CR39) 1994 A lachos (5116_CR46) 2009 L Khan (5116_CR41) 2007; 16 R Sommer (5116_CR14) 2010 S E Guttõrmsson (5116_CR24) 1999; 14 D Y Yeung (5116_CR30) 2002 A Sharma (5116_CR2) 2010; 34 J Zhang (5116_CR45) 2005; 24 U M Fayyad (5116_CR52) 1993 M Y Su (5116_CR11) 2009; 28 R L Grossman (5116_CR21) 1997 D Anderson (5116_CR27) 1995 W Wang (5116_CR44) 1997 P Sangkatsanee (5116_CR12) 2011; 34 C Sanders (5116_CR19) 2013 K Hempstalk (5116_CR58) 2008; 5211 D E Denning (5116_CR3) 1987; 13 S Y Wu (5116_CR6) 2009; 36 J Zhang (5116_CR22) 2013; 13 A R Vasudevan (5116_CR60) 2011 S Y Jiang (5116_CR7) 2006; 27 S Ramaswamy (5116_CR34) 2000; 29 A Zimek (5116_CR50) 2013; 15 S Mukkamala (5116_CR16) 2002 A K Jain (5116_CR15) 2010; 31 M H Bhuyan (5116_CR4) 2014; 16 S Garcia (5116_CR51) 2013; 25 G Karypis (5116_CR42) 1999; 32 T Fawcett (5116_CR28) 1999 DMJ Tax (5116_CR55) 2001; 2096 L C Wuu (5116_CR18) 2007; 80 J Dougherty (5116_CR53) 1995 D Freedman (5116_CR23) 1978 G Giacinto (5116_CR59) 2008; 9 D M J Tax (5116_CR56) 2001 L Kaufman (5116_CR38) 1990 E M Knorr (5116_CR31) 1998 G Sheikholeslami (5116_CR43) 2000; 8 M M Moya (5116_CR54) 1993 C C Aggarwal (5116_CR25) 2005 E M Knorr (5116_CR33) 2000; 8 A Tajbakhsh (5116_CR10) 2009; 9 I Corona (5116_CR1) 2013; 239 A R Vasudevan (5116_CR48) 2013 |
References_xml | – volume: 13 start-page: 1 issue: 1 year: 2013 end-page: 26 ident: CR22 article-title: Advancements of outlier detection: a survey publication-title: ICST Transactions on Scalable Information Systems doi: 10.4108/trans.sis.2013.01-03.e2 contributor: fullname: Zhang – start-page: 371 year: 1999 end-page: 377 ident: CR13 article-title: An application of machine learning to network intrusion detection publication-title: Proceedings of the 15th Annual Conference on Computer Security Applications doi: 10.1109/CSAC.1999.816048 contributor: fullname: Matzner – start-page: 797 year: 1993 end-page: 801 ident: CR54 article-title: One-class classifier networks for target recognition applications publication-title: Proceedings of World Congress on Neural Networks contributor: fullname: Hostetler – volume: 29 start-page: 93 issue: 2 year: 2000 end-page: 104 ident: CR35 article-title: LOF: identifying densitybased local outliers publication-title: ACM SIGMOD Record doi: 10.1145/335191.335388 contributor: fullname: Sander – volume: 32 start-page: 68 issue: 8 year: 1999 end-page: 75 ident: CR42 article-title: CHAMELEON: ahierarchical clustering algorithm using dynamic modeling publication-title: Computer doi: 10.1109/2.781637 contributor: fullname: Kumar – volume: 16 start-page: 507 issue: 4 year: 2007 end-page: 521 ident: CR41 article-title: A new intrusion detection system using support vector machines and hierarchical clustering publication-title: The VLDB Journal — The International Journal on Very Large Data Bases doi: 10.1007/s00778-006-0002-5 contributor: fullname: Thuraisingham – start-page: 74 year: 2009 end-page: 82 ident: CR46 article-title: Unsupervised and constrained Dirichlet process mixture models for verb clustering publication-title: Proceedings of the Workshop on Geometrical Models of Natural Language Semantics doi: 10.3115/1705415.1705425 contributor: fullname: Ghahramani – start-page: 392 year: 1998 end-page: 403 ident: CR31 article-title: Algorithms for mining distancebased outliers in large datasets publication-title: Proceedings of the 24th International Conference on Very Large Data Bases contributor: fullname: Ng – year: 2013 ident: CR19 article-title: Applied Network Security Monitoring Collection, Detection, and Analysis publication-title: Elsevier contributor: fullname: Smith – volume: 80 start-page: 1699 issue: 10 year: 2007 end-page: 1715 ident: CR18 article-title: Building intrusion pattern miner for Snort network intrusion detection system publication-title: Journal of Systems and Software doi: 10.1016/j.jss.2006.12.546 contributor: fullname: Chen – volume: 34 start-page: 2227 issue: 18 year: 2011 end-page: 2235 ident: CR12 article-title: Practical real-time intrusion detection using machine learning approaches publication-title: Computer Communications doi: 10.1016/j.comcom.2011.07.001 contributor: fullname: Charnsripinyo – volume: 141 start-page: 217 issue: 4 year: 1994 end-page: 222 ident: CR29 article-title: Novelty detection and neural network validation publication-title: IEE Proceedings — Vision, Image and Signal Processing doi: 10.1049/ip-vis:19941330 contributor: fullname: Bishop – year: 1978 ident: CR23 publication-title: Purves: Statistics contributor: fullname: Pisani – year: 1997 ident: CR21 publication-title: Data Mining: Challenges and Opportunities for Data Mining During the Next Decade contributor: fullname: Grossman – volume: 16 start-page: 303 issue: 1 year: 2014 end-page: 336 ident: CR4 article-title: Network anomaly detection: methods, systems and tools publication-title: IEEE Communications Surveys & Tutorials doi: 10.1109/SURV.2013.052213.00046 contributor: fullname: Kalita – start-page: 194 year: 1995 end-page: 202 ident: CR53 article-title: Supervised and unsupervised discretization of continuous features publication-title: Proceedings of the 12th International Conference on Machine Learning contributor: fullname: Sahami – volume: 27 start-page: 802 issue: 7 year: 2006 end-page: 810 ident: CR7 article-title: A clustering-based method for unsupervised intrusion detections publication-title: Pattern Recognition Letters doi: 10.1016/j.patrec.2005.11.007 contributor: fullname: Li – volume: 27 start-page: 1569 issue: 16 year: 2004 end-page: 1584 ident: CR20 article-title: Anomaly detection methods in wired networks: a survey and taxonomy publication-title: Computer Networks contributor: fullname: Diaz-Verdejo – year: 1995 ident: CR27 article-title: Next Generation Intrusion Detection Expert System (NIDES): A Summary publication-title: Menio Park, CA: SRI International, Computer Science Laboratory contributor: fullname: Valdes – volume: 25 start-page: 734 issue: 4 year: 2013 end-page: 750 ident: CR51 article-title: A survey of discretization techniques: Taxonomy and empirical analysis in supervised learning publication-title: IEEE Transactions on Knowledge and Data Engineering doi: 10.1109/TKDE.2012.35 contributor: fullname: Herrera – start-page: 211 year: 1999 end-page: 222 ident: CR32 article-title: Finding Intentional Knowledge of Distance-based Outliers publication-title: Proceedings of the 25th International Conference on Very Large Data Bases contributor: fullname: Ng – start-page: 1702 year: 2002 end-page: 1707 ident: CR16 article-title: Intrusion detection using neural networks and support vector machines publication-title: Proceedings of the 2002 International Joint Conference on Neural Networks contributor: fullname: Sung – volume: 66 start-page: 229 issue: 2 year: 1979 end-page: 236 ident: CR26 article-title: Bayesian analysis of some outlier problems in time series publication-title: Biometrika doi: 10.1093/biomet/66.2.229 contributor: fullname: Box – volume: 15 start-page: 11 issue: 1 year: 2013 end-page: 22 ident: CR50 article-title: Ensembles for unsupervised outlier detection: challenges and research questions a position paper publication-title: ACM SIGKDD Explorations Newsletter doi: 10.1145/2594473.2594476 contributor: fullname: Sander – start-page: 385 year: 2002 end-page: 388 ident: CR30 article-title: Parzen-window network intrusion detectors publication-title: Proceedings of the 16th International Conference on Pattern Recognition contributor: fullname: Chow – volume: 30 start-page: 353 issue: 6 year: 2011 end-page: 375 ident: CR5 article-title: Data preprocessing for anomaly based network intrusion detection: a review publication-title: Computers & Security doi: 10.1016/j.cose.2011.05.008 contributor: fullname: Clark – volume: 36 start-page: 29 year: 2006 end-page: 48 ident: CR57 article-title: One-class classifiers: a review and analysis of suitability in the context of mobile-masquerader detection publication-title: South African Computer Journal contributor: fullname: Mazhelis – start-page: 1022 year: 1993 end-page: 1027 ident: CR52 article-title: Multi-interval discretization of continuousvalued attributes for classification learning publication-title: Proceedings of the 13th International Joint Conference on Artificial Intelligence contributor: fullname: Irani – volume: 2096 start-page: 299 year: 2001 end-page: 308 ident: CR55 article-title: Combining one-class classifiers publication-title: Lecture Notes in Computer Science doi: 10.1007/3-540-48219-9_30 contributor: fullname: Duin – start-page: 501 year: 2010 end-page: 505 ident: CR8 article-title: Data mining based network intrusion detection system: a survey publication-title: Novel Algorithms and Techniques in Telecommunications and Networking.Springer Netherlands doi: 10.1007/978-90-481-3662-9_86 contributor: fullname: Mahmood – volume: 28 start-page: 301 issue: 5 year: 2009 end-page: 309 ident: CR11 article-title: A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach publication-title: Computers & Security doi: 10.1016/j.cose.2008.12.001 contributor: fullname: Lin – volume: 5211 start-page: 505 year: 2008 end-page: 519 ident: CR58 article-title: One-class classification by combining density and class probability estimation publication-title: Lecture Notes in Computer Science doi: 10.1007/978-3-540-87479-9_51 contributor: fullname: Witten – volume: 34 start-page: 62 issue: 1 year: 2010 end-page: 73 ident: CR2 article-title: Cyber wars: a paradigm shift from means to ends publication-title: Strategic Analysis doi: 10.1080/09700160903354450 contributor: fullname: Sharma – year: 2001 ident: CR56 article-title: One-class classification, concept learning in the absence of counter examples publication-title: Dissertation for the Doctoral Degree. Delft: Delft University of Technology contributor: fullname: Tax – start-page: 211 year: 2006 end-page: 218 ident: CR9 article-title: Intrusion detection systems using adaptive regression spines publication-title: Enterprise Information Systems VI doi: 10.1007/1-4020-3675-2_25 contributor: fullname: Filipe – start-page: 1649 year: 2009 end-page: 1652 ident: CR36 article-title: LoOP: Local Outlier Probabilities publication-title: Proceedings of the 18th ACM conference on Information and knowledge management contributor: fullname: Zimek – volume: 36 start-page: 5605 issue: 3 year: 2009 end-page: 5612 ident: CR6 article-title: Data mining-based intrusion detectors publication-title: Expert Systems with Applications doi: 10.1016/j.eswa.2008.06.138 contributor: fullname: Yen – volume: 14 start-page: 16 issue: 1 year: 1999 end-page: 22 ident: CR24 article-title: Elliptical novelty grouping for on-line short-turn detection of excited running rotors publication-title: IEEE Transactions on Energy Conversion doi: 10.1109/60.749142 contributor: fullname: Kerszenbaum – volume: 29 start-page: 427 issue: 2 year: 2000 end-page: 438 ident: CR34 article-title: Efficient algorithms for mining outliers from large data sets publication-title: ACM SIGMOD Record doi: 10.1145/335191.335437 contributor: fullname: Shim – volume: 239 start-page: 201 issue: 1 year: 2013 end-page: 225 ident: CR1 article-title: Adversarial attacks against intrusion detection systems: taxonomy, solutions and open issues publication-title: Information Sciences doi: 10.1016/j.ins.2013.03.022 contributor: fullname: Roli – start-page: 25 year: 2003 end-page: 36 ident: CR49 article-title: A comparative study of anomaly detection schemes in network intrusion detection publication-title: Proceedings of the 2003 SIAM International Conference on Data Mining doi: 10.1137/1.9781611972733.3 contributor: fullname: Srivastava – start-page: 73 year: 1998 end-page: 84 ident: CR40 article-title: CURE: an efficient clustering algorithm for large databases publication-title: Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data doi: 10.1145/276304.276312 contributor: fullname: Shim – volume: 13 start-page: 222 issue: 2 year: 1987 end-page: 232 ident: CR3 article-title: An intrusion-detection model publication-title: IEEE Transactions on Software Engineering doi: 10.1109/TSE.1987.232894 contributor: fullname: Denning – volume: 24 start-page: 5 issue: 1 year: 2005 end-page: 27 ident: CR45 article-title: Clustering in dynamic spatial databases publication-title: Journal of Intelligent Information Systems doi: 10.1007/s10844-005-0265-0 contributor: fullname: Lee – year: 1990 ident: CR38 publication-title: Finding Groups in Data: An Introduction to Cluster Analysis doi: 10.1002/9780470316801 contributor: fullname: Rousseeuw – volume: 9 start-page: 462 issue: 2 year: 2009 end-page: 469 ident: CR10 article-title: Intrusion detection using fuzzy association rules publication-title: Applied Soft Computing doi: 10.1016/j.asoc.2008.06.001 contributor: fullname: Mirzaei – start-page: 315 year: 2003 end-page: 326 ident: CR37 article-title: LOCI: fast outlier detection using the local correlation integral publication-title: Proceedings of the 19th IEEE International Conference on Data Engineering contributor: fullname: Faloutsos – year: 2005 ident: CR25 article-title: OnAbnormality Detection in Spuriously Populated Data Streams publication-title: Proceedings of the 2005 SIAM International Conference on Data Mining contributor: fullname: Aggarwal – start-page: 144 year: 1994 end-page: 155 ident: CR39 article-title: Efficient and effective clustering methods for spatial data mining publication-title: Proceedings of the 20th International Conference on Very Large Data Bases contributor: fullname: Han – volume: 170 start-page: 29 year: 2012 end-page: 44 ident: CR17 article-title: Bayesian based intrusion detection system publication-title: Lecture Notes in Electrical Engineering doi: 10.1007/978-94-007-4786-9_3 contributor: fullname: Altwaijry – year: 2013 ident: CR48 article-title: Evolution of a hybrid model using Dirichlet process clustering technique and naive Bayes cassifier for an effective perimeter security device publication-title: Technical Report contributor: fullname: Selvakumar – volume: 9 start-page: 69 issue: 1 year: 2008 end-page: 82 ident: CR59 article-title: Intrusion detection in computer networks by a modular ensemble of one-class classifiers publication-title: Information Fusion doi: 10.1016/j.inffus.2006.10.002 contributor: fullname: Roli – start-page: 305 year: 2010 end-page: 316 ident: CR14 article-title: Outside the closed world: on using machine learning for network intrusion detection publication-title: Proceedings of IEEE Symposium on Security and Privacy contributor: fullname: Paxson – volume: 8171 start-page: 364 year: 2013 end-page: 373 ident: CR47 article-title: Anomaly intrusion detection using incremental learning of an infinite mixture model with feature selection publication-title: Lecture Notes in Computer Science doi: 10.1007/978-3-642-41299-8_35 contributor: fullname: Sallay – start-page: 1 year: 2011 end-page: 5 ident: CR60 article-title: SSENet-2011: a network intrusion detection system dataset and its comparison with KDD CUP 99 dataset publication-title: Proceedings of the 2nd IEEE Asian Himalayas International Conference on Internet (AH-ICI 2011) doi: 10.1109/AHICI.2011.6113948 contributor: fullname: Selvakumar – start-page: 53 year: 1999 end-page: 62 ident: CR28 article-title: Activity monitoring: noticing interesting changes in behavior publication-title: Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining contributor: fullname: Provost – volume: 8 start-page: 289 issue: 3-4 year: 2000 end-page: 304 ident: CR43 article-title: WaveCluster: a waveletbased clustering approach for spatial data in very large databases publication-title: The VLDB Journal—The International Journal on Very Large Data Bases doi: 10.1007/s007780050009 contributor: fullname: Zhang – start-page: 186 year: 1997 end-page: 195 ident: CR44 article-title: STING: astatistical information grid approach to spatial data mining publication-title: Proceedings of the 23rd International Conference on Very Large Data Bases contributor: fullname: Muntz – volume: 8 start-page: 237 issue: 3-4 year: 2000 end-page: 253 ident: CR33 article-title: Distance-based outliers: algorithms and applications publication-title: The VLDB Journal — The International Journal on Very Large Data Bases doi: 10.1007/s007780050006 contributor: fullname: Tucakov – volume: 31 start-page: 651 issue: 8 year: 2010 end-page: 666 ident: CR15 article-title: Data clustering: 50 years beyond K-means publication-title: Pattern Recognition Letters doi: 10.1016/j.patrec.2009.09.011 contributor: fullname: Jain – volume: 8 start-page: 289 issue: 3-4 year: 2000 ident: 5116_CR43 publication-title: The VLDB Journal—The International Journal on Very Large Data Bases doi: 10.1007/s007780050009 contributor: fullname: G Sheikholeslami – volume: 170 start-page: 29 year: 2012 ident: 5116_CR17 publication-title: Lecture Notes in Electrical Engineering doi: 10.1007/978-94-007-4786-9_3 contributor: fullname: H Altwaijry – volume: 34 start-page: 62 issue: 1 year: 2010 ident: 5116_CR2 publication-title: Strategic Analysis doi: 10.1080/09700160903354450 contributor: fullname: A Sharma – volume: 36 start-page: 5605 issue: 3 year: 2009 ident: 5116_CR6 publication-title: Expert Systems with Applications doi: 10.1016/j.eswa.2008.06.138 contributor: fullname: S Y Wu – volume: 80 start-page: 1699 issue: 10 year: 2007 ident: 5116_CR18 publication-title: Journal of Systems and Software doi: 10.1016/j.jss.2006.12.546 contributor: fullname: L C Wuu – volume: 8 start-page: 237 issue: 3-4 year: 2000 ident: 5116_CR33 publication-title: The VLDB Journal — The International Journal on Very Large Data Bases doi: 10.1007/s007780050006 contributor: fullname: E M Knorr – volume: 16 start-page: 303 issue: 1 year: 2014 ident: 5116_CR4 publication-title: IEEE Communications Surveys & Tutorials doi: 10.1109/SURV.2013.052213.00046 contributor: fullname: M H Bhuyan – volume-title: Menio Park, CA: SRI International, Computer Science Laboratory year: 1995 ident: 5116_CR27 contributor: fullname: D Anderson – volume: 29 start-page: 427 issue: 2 year: 2000 ident: 5116_CR34 publication-title: ACM SIGMOD Record doi: 10.1145/335191.335437 contributor: fullname: S Ramaswamy – volume: 25 start-page: 734 issue: 4 year: 2013 ident: 5116_CR51 publication-title: IEEE Transactions on Knowledge and Data Engineering doi: 10.1109/TKDE.2012.35 contributor: fullname: S Garcia – start-page: 385 volume-title: Proceedings of the 16th International Conference on Pattern Recognition year: 2002 ident: 5116_CR30 contributor: fullname: D Y Yeung – start-page: 501 volume-title: Novel Algorithms and Techniques in Telecommunications and Networking.Springer Netherlands year: 2010 ident: 5116_CR8 doi: 10.1007/978-90-481-3662-9_86 contributor: fullname: R GM Helali – volume-title: Data Mining: Challenges and Opportunities for Data Mining During the Next Decade year: 1997 ident: 5116_CR21 contributor: fullname: R L Grossman – volume: 141 start-page: 217 issue: 4 year: 1994 ident: 5116_CR29 publication-title: IEE Proceedings — Vision, Image and Signal Processing doi: 10.1049/ip-vis:19941330 contributor: fullname: C Bishop – volume: 36 start-page: 29 year: 2006 ident: 5116_CR57 publication-title: South African Computer Journal contributor: fullname: O Mazhelis – start-page: 1649 volume-title: Proceedings of the 18th ACM conference on Information and knowledge management year: 2009 ident: 5116_CR36 doi: 10.1145/1645953.1646195 contributor: fullname: H P Kriegel – start-page: 1022 volume-title: Proceedings of the 13th International Joint Conference on Artificial Intelligence year: 1993 ident: 5116_CR52 contributor: fullname: U M Fayyad – start-page: 315 volume-title: Proceedings of the 19th IEEE International Conference on Data Engineering year: 2003 ident: 5116_CR37 contributor: fullname: S Papadimitriou – start-page: 144 volume-title: Proceedings of the 20th International Conference on Very Large Data Bases year: 1994 ident: 5116_CR39 contributor: fullname: R T Ng – start-page: 1702 volume-title: Proceedings of the 2002 International Joint Conference on Neural Networks year: 2002 ident: 5116_CR16 contributor: fullname: S Mukkamala – volume: 9 start-page: 462 issue: 2 year: 2009 ident: 5116_CR10 publication-title: Applied Soft Computing doi: 10.1016/j.asoc.2008.06.001 contributor: fullname: A Tajbakhsh – start-page: 371 volume-title: Proceedings of the 15th Annual Conference on Computer Security Applications year: 1999 ident: 5116_CR13 doi: 10.1109/CSAC.1999.816048 contributor: fullname: C Sinclair – volume: 13 start-page: 1 issue: 1 year: 2013 ident: 5116_CR22 publication-title: ICST Transactions on Scalable Information Systems doi: 10.4108/trans.sis.2013.01-03.e2 contributor: fullname: J Zhang – volume: 31 start-page: 651 issue: 8 year: 2010 ident: 5116_CR15 publication-title: Pattern Recognition Letters doi: 10.1016/j.patrec.2009.09.011 contributor: fullname: A K Jain – volume: 34 start-page: 2227 issue: 18 year: 2011 ident: 5116_CR12 publication-title: Computer Communications doi: 10.1016/j.comcom.2011.07.001 contributor: fullname: P Sangkatsanee – volume: 27 start-page: 1569 issue: 16 year: 2004 ident: 5116_CR20 publication-title: Computer Networks contributor: fullname: J M Estevez-Tapiador – volume: 239 start-page: 201 issue: 1 year: 2013 ident: 5116_CR1 publication-title: Information Sciences doi: 10.1016/j.ins.2013.03.022 contributor: fullname: I Corona – volume-title: Finding Groups in Data: An Introduction to Cluster Analysis year: 1990 ident: 5116_CR38 doi: 10.1002/9780470316801 contributor: fullname: L Kaufman – volume: 14 start-page: 16 issue: 1 year: 1999 ident: 5116_CR24 publication-title: IEEE Transactions on Energy Conversion doi: 10.1109/60.749142 contributor: fullname: S E Guttõrmsson – volume: 15 start-page: 11 issue: 1 year: 2013 ident: 5116_CR50 publication-title: ACM SIGKDD Explorations Newsletter doi: 10.1145/2594473.2594476 contributor: fullname: A Zimek – volume-title: Technical Report year: 2013 ident: 5116_CR48 contributor: fullname: A R Vasudevan – volume: 30 start-page: 353 issue: 6 year: 2011 ident: 5116_CR5 publication-title: Computers & Security doi: 10.1016/j.cose.2011.05.008 contributor: fullname: J J Davis – volume: 27 start-page: 802 issue: 7 year: 2006 ident: 5116_CR7 publication-title: Pattern Recognition Letters doi: 10.1016/j.patrec.2005.11.007 contributor: fullname: S Y Jiang – volume: 2096 start-page: 299 year: 2001 ident: 5116_CR55 publication-title: Lecture Notes in Computer Science doi: 10.1007/3-540-48219-9_30 contributor: fullname: DMJ Tax – start-page: 305 volume-title: Proceedings of IEEE Symposium on Security and Privacy year: 2010 ident: 5116_CR14 contributor: fullname: R Sommer – volume: 13 start-page: 222 issue: 2 year: 1987 ident: 5116_CR3 publication-title: IEEE Transactions on Software Engineering doi: 10.1109/TSE.1987.232894 contributor: fullname: D E Denning – volume: 24 start-page: 5 issue: 1 year: 2005 ident: 5116_CR45 publication-title: Journal of Intelligent Information Systems doi: 10.1007/s10844-005-0265-0 contributor: fullname: J Zhang – start-page: 392 volume-title: Proceedings of the 24th International Conference on Very Large Data Bases year: 1998 ident: 5116_CR31 contributor: fullname: E M Knorr – start-page: 211 volume-title: Proceedings of the 25th International Conference on Very Large Data Bases year: 1999 ident: 5116_CR32 contributor: fullname: E M Knorr – start-page: 74 volume-title: Proceedings of the Workshop on Geometrical Models of Natural Language Semantics year: 2009 ident: 5116_CR46 doi: 10.3115/1705415.1705425 contributor: fullname: A lachos – volume: 5211 start-page: 505 year: 2008 ident: 5116_CR58 publication-title: Lecture Notes in Computer Science doi: 10.1007/978-3-540-87479-9_51 contributor: fullname: K Hempstalk – volume: 9 start-page: 69 issue: 1 year: 2008 ident: 5116_CR59 publication-title: Information Fusion doi: 10.1016/j.inffus.2006.10.002 contributor: fullname: G Giacinto – volume-title: Proceedings of the 2005 SIAM International Conference on Data Mining year: 2005 ident: 5116_CR25 contributor: fullname: C C Aggarwal – start-page: 1 volume-title: Proceedings of the 2nd IEEE Asian Himalayas International Conference on Internet (AH-ICI 2011) year: 2011 ident: 5116_CR60 doi: 10.1109/AHICI.2011.6113948 contributor: fullname: A R Vasudevan – volume: 29 start-page: 93 issue: 2 year: 2000 ident: 5116_CR35 publication-title: ACM SIGMOD Record doi: 10.1145/335191.335388 contributor: fullname: MM Breunig – start-page: 211 volume-title: Enterprise Information Systems VI year: 2006 ident: 5116_CR9 doi: 10.1007/1-4020-3675-2_25 contributor: fullname: S Mukkamala – start-page: 186 volume-title: Proceedings of the 23rd International Conference on Very Large Data Bases year: 1997 ident: 5116_CR44 contributor: fullname: W Wang – volume-title: Dissertation for the Doctoral Degree. Delft: Delft University of Technology year: 2001 ident: 5116_CR56 contributor: fullname: D M J Tax – start-page: 53 volume-title: Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining year: 1999 ident: 5116_CR28 doi: 10.1145/312129.312195 contributor: fullname: T Fawcett – start-page: 73 volume-title: Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data year: 1998 ident: 5116_CR40 doi: 10.1145/276304.276312 contributor: fullname: S Guha – volume: 8171 start-page: 364 year: 2013 ident: 5116_CR47 publication-title: Lecture Notes in Computer Science doi: 10.1007/978-3-642-41299-8_35 contributor: fullname: W Fan – volume: 32 start-page: 68 issue: 8 year: 1999 ident: 5116_CR42 publication-title: Computer doi: 10.1109/2.781637 contributor: fullname: G Karypis – start-page: 797 volume-title: Proceedings of World Congress on Neural Networks year: 1993 ident: 5116_CR54 contributor: fullname: M M Moya – volume-title: Purves: Statistics year: 1978 ident: 5116_CR23 contributor: fullname: D Freedman – start-page: 25 volume-title: Proceedings of the 2003 SIAM International Conference on Data Mining year: 2003 ident: 5116_CR49 doi: 10.1137/1.9781611972733.3 contributor: fullname: A Lazarevic – volume: 66 start-page: 229 issue: 2 year: 1979 ident: 5116_CR26 publication-title: Biometrika doi: 10.1093/biomet/66.2.229 contributor: fullname: B Abraham – volume-title: Elsevier year: 2013 ident: 5116_CR19 contributor: fullname: C Sanders – start-page: 194 volume-title: Proceedings of the 12th International Conference on Machine Learning year: 1995 ident: 5116_CR53 contributor: fullname: J Dougherty – volume: 28 start-page: 301 issue: 5 year: 2009 ident: 5116_CR11 publication-title: Computers & Security doi: 10.1016/j.cose.2008.12.001 contributor: fullname: M Y Su – volume: 16 start-page: 507 issue: 4 year: 2007 ident: 5116_CR41 publication-title: The VLDB Journal — The International Journal on Very Large Data Bases doi: 10.1007/s00778-006-0002-5 contributor: fullname: L Khan |
SSID | ssj0002025522 |
Score | 2.1527631 |
Snippet | Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered... Identification of attacks by a network intrusion detection system (NIDS) is an important task. In signature or rule based detection, the previously encountered... |
SourceID | proquest crossref springer higheredpress chongqing |
SourceType | Aggregation Database Publisher |
StartPage | 755 |
SubjectTerms | Classifiers Clustering Communications traffic Computer Science Data analysis Data mining Datasets Deviation Dirichlet Dirichlet problem Discretizer DP clustering False alarms hierarchical model Intrusion detection systems LOF Machine learning NIDS one class classifier Outliers (statistics) Research Article Supervised learning Traffic models 分类器 因子和 局部异常因子 层次模型 数据集 监督学习 网络入侵检测系统 |
SummonAdditionalLinks | – databaseName: ProQuest Technology Collection dbid: 8FG link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LS8QwEB58XATxLa4vcvCkhO0zSU8i4rqIelLwVpImUS_dle3_8C87k7a7rKCXUkgaKF_S-TrzzQzAhUEWriuruLG54xnuCa4yPFex0ZEXaJ9McLg9PYvxa_bwlr-twLjPhSFZZf9NDB9qO6nIRz5MiljJhCzKUBvyAlTN8Hr6xal_FMVZu2Yaq7AeU008yhkf3c-9LQlR5xBSSJBTcHJ79CHOkEcXyyDGyDnyD8EVFVr4mNTvX2g-lgzW5kdQXzgbVKpLrPRXIDXYp9EObHXEkt20O2EXVly9B9t90wbWneF9-H4k68VICIQWkbX9dpiuLZuRVxxXZpPasYpYdXv99DSRzJ1l1Dk7xB5ojdBFhyHrZdY1QdJVs4lnumkocZ991qxuReZ4S7kdNL6YSdrUmWsO4HV093I75l1XBl4hl2q4VoV3SsXemcjnKTKWSmbCCGWoEk1kEp2KwkZOVi6KnSysxj_MVOfKeoRepekhrNX4IkfApC-0I5Gt1xKJXKSyxEgj8Q-KCvOlZgAncxjKaVt9oxSCaiAiixvAZQ_MfHBRhJkQLRHRkhAt1QDiJehKT_UhqNv4f8-c9vCW3cmelYt9OICrHvLF8J-LHf-_2AlsIBUTrbTwFNYQFXeGdKcx52En_wDaw_v1 priority: 102 providerName: ProQuest |
Title | Local outlier factor and stronger one class classifier based hierarchical model for detection of attacks in network intrusion detection dataset |
URI | http://lib.cqvip.com/qk/71018X/201604/669659441.html https://journal.hep.com.cn/fcs/EN/10.1007/s11704-015-5116-8 https://link.springer.com/article/10.1007/s11704-015-5116-8 https://www.proquest.com/docview/2918720242/abstract/ |
Volume | 10 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1Na9wwEB2SzaVQmn7SbdKgQ08tWvwpyce0ZBPSNpTSQHoykiUlIaBtWeeSP9G_3BnZXrNtEshld0FaGTNjzfPM0xuAdwZRuG6s4saWjhfoE1wV-FylRideYHwyMeH29UQcnRbHZ-XZBmSr1EW4mg0VybhRj2fdUhkJEyVHjCC42oStkrpST2Br__Dn5zGzkhFMjuWDDPEDpxTHUM68bR0SVbhYhPPfeM214PT4IjItnI2M1DUE-k_RNMai-XZ3PnAZJQyJgnI1u27NrLn5X-DxAbf5FJ700JTtd770DDZceA7bQ9sH1u8CL-DPF4p_jKhEGFNZ17GH6WDZkvLqeC22CI41hMu7z0tPEylgWka9t2P1gtaIfXgY4mZmXRtJYYEtPNNtS0f_2WVgoaOp4086HULj40xity5d-xJO5wc_Ph3xvq8DbxCNtVyryjulUu9M4sscMU8jC2GEMqRlk5hM56KyiZONS1InK6vxHTXXpbIenUfl-SuYBLyR18Ckr7Qjmq7XEqFgoorMSCPxHYyk_XIzhZ2VcetfnX5HLQSpKCIOnML7wdyrwVHGmQxRoyFqMkStppCuOUTtSWGC-pXf95_dwWnqfm9Y1lmVKpkRNprCh8EJxuE7F3vzoNk78Aixnei4irswQSO5t4ifWrMHm2p-uNc_Nvj98eDk2_e_pBITLA |
link.rule.ids | 315,786,790,12792,21416,27957,27958,33408,33779,41116,42185,43635,43840,52146 |
linkProvider | Springer Nature |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1NT9wwEB1ROFAJla9WbPmoD5xAVvNpO6eqQixLWTiBxM2yY7twyYI2_4O_zIyT7GorlUu0krOWomfnvcw8zwCcWlThpnaKW1d6XuCa4KrAfZVakwSB_GRjwO32Tkweij-P5WMfcJv3tsrhnRhf1G5WU4z8Z1alSmbEKL9eXjl1jaLsat9C4xNsFDlSJ50UH18tYiwZCeaYSMhQSXAKdgyJzXh6LpXRglFyVB2CKyqv8DRr_r4iaazQ1NZT9Fx4F72pK1r0n_RpZKXxDnzp5ST73eG_C2u-2YPtoVUD63fuPrxNibMY2X-QB1nXZYeZxrE5xcJxZjZrPKtJS3fX50A3Esk5Rv2yY8aB5oi9cxhqXeZ8G41cDZsFZtqWjuuz54Y1nbUcf9KJDhpf3kmO1Llvv8LD-PL-YsL7Xgy8RgXVcqOq4JVKg7dJKHPUKbUshBXKUv2ZxGYmF5VLvKx9knpZOYPflbkplQsIuMrzb7De4IMcAJOhMp6stcFIlG-JKjIrrcTvJirHl9sRHC5g0C9dzQ0tBFU-RO02grMBmMXgsvQyIaoRUU2IajWCdAU6HagqBPUY_-g_RwO8ut_Pc71cfSM4HyBfDv93su8fT_YDNif3t1M9vb67OYTPKMZEZy48gnVEyB-j4GntSVzV75OA-yM |
linkToPdf | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1daxUxEB20BRGK9av02qp58ElJu59J9rGo12pr8cFCfYrJJrFFyK3c9cU_4V92Jrvb5RYVxJdlIdksYSY7ZzMnZwCeWUThpnWKW1d7XqFPcFXhusqtyYLA-GTThtv7E3F4Wr07q8-GOqfLke0-piT7Mw2k0hS7_UsX9qeDb7lM7ImaI2AQXN2E9QpXLbr4-sGbT0fTNktBmDnlEgoEE5z2O8bc5u_GIYWF80X88g3fvxKpNs4T7cK7RE9dgaPXMqgpMM034fM4pZ6P8nXve2f32h_X1B7_Y8534c4AWtlB72X34IaP92FzLAjBhu_DA_h5TJGREckIoy3ra_kwEx1b0o47vpctomctIfb-ehGoI4VSx6gqd8pr0BipQg9DRM2c7xJdLLJFYKbrSBSAXUQWewI73tK5EWqfehLvdem7h3A6f_3x5SEfKj7wFnFax41qglcqD95moS4RDbWyElYoSyo3mS1MKRqXedn6LPeycQb_XktTKxfQrVRZbsFaxIlsA5OhMZ4IvMFIBImZqgorrcS_MxL9K-0Mdq4srS97ZQ8tBOkrIkKcwfPR9leNk8AzGUKjITQZQqsZ5CveoQNpT1Al8789szt6kB6-GktdNLmSBaGmGbwYHWJq_uNgj_6p91O49eHVXB-_PTnagdsIAEVPaNyFNbSXf4wgq7NPhoX0CywAHVs |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Local+outlier+factor+and+stronger+one+class+classifier+based+hierarchical+model+for+detection+of+attacks+in+network+intrusion+detection+dataset&rft.jtitle=Frontiers+of+Computer+Science&rft.au=Vasudevan%2C+Alampallam+Ramaswamy&rft.au=Selvakumar%2C+Subramanian&rft.date=2016-08-01&rft.pub=Higher+Education+Press&rft.issn=2095-2228&rft.eissn=2095-2236&rft.volume=10&rft.issue=4&rft.spage=755&rft.epage=766&rft_id=info:doi/10.1007%2Fs11704-015-5116-8&rft.externalDocID=10_1007_s11704_015_5116_8 |
thumbnail_s | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fimage.cqvip.com%2Fvip1000%2Fqk%2F71018X%2F71018X.jpg |