tailieunhanh - Clustering based feature selection and outlier analysis

This paper presents the results of an experimental study of some common intrusion detection techniques. In particular we compared the three main approaches to intrusion detection: FCC, Y-Means, and UAD. The aim of this study is to compare and find feasible clustering algorithms to achieve good performance with high efficiency while dealing with the intrusions. | ISSN:2249-5789 P Divya et al , International Journal of Computer Science & Communication Networks,Vol 2(6), 647-652 Clustering Based Feature Selection and Outlier Analysis P Divya Department of Computer Science, KAHM Unity Women’s College, Manjeri, Kerala-676122, India R Priya Department of Computer Science, Sree Narayana Guru College, Coimbatore, Tamil Nadu-641011, India Muhammed Basheer Ummathur Department of Chemistry, KAHM Unity Women’s College, Manjeri, Kerala-676122, India Abstract It is impossible for any computer system to be claimed immune to network intrusions. Since there is no perfect solution to prevent intrusions from happening, it is very important to detect them at the first moment of occurrence and take actions to minimize the possible damage. This paper presents the results of an experimental study of some common intrusion detection techniques. In particular we compared the three main approaches to intrusion detection: FCC, Y-Means, and UAD. The aim of this study is to compare and find feasible clustering algorithms to achieve good performance with high efficiency while dealing with the intrusions. 1. Introduction In recent years, considerable attention has been given to data mining approaches for addressing network security issues. This is particularly due to the increasing dependence on computer networks for personal, business, and government activities. An intrusion attack can result in several severity levels of incapacity and from loss of personal privacy to an enormous loss of business capital. An intrusion is any use of the given network that compromises its stability and/or security of information stored across the network. Network intrusion detection [1] models are used for detecting intrusions or anomalous behaviour. There are generally two types of approaches taken towards network intrusion detection : misuse detection and anomaly detection. In misuse detection, each network traffic record is identified as either normal or one of