Adaptive Intrusion Detection System Based on SVM and Clustering

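  • 이한성 (Department of Computer and Information Science, Korea University) ;
  • 임영희 (Division of Computer and Information Communication Engineering, Daejeon University) ;
  • 박주영 (Department of Control and Instrumentation Engineering, Korea University) ;
  • 박대희 (Department of Computer and Information Science, Korea University)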
  • Published : 2003.04.01

Abstract

In this paper, we propose a new adaptive intrusion detection algorithm based on clustering: Kernel-ART, which combines the on-line clustering algorithm ART (adaptive resonance theory) with the Mercer kernel and the concept vector. Kernel-ART not only satisfies all desirable characteristics of a clustering-based IDS but also alleviates the drawbacks associated with supervised-learning IDSs. It is able to detect various types of intrusions in real time by generating clusters incrementally.

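In this paper, we propose Kernel-ART, a new intrusion detection algorithm based on clustering. Kernel-ART is a new algorithm that incorporates the concept vector and the Mercer kernel of the SVM (support vector machine) into ART (adaptive resonance theory), an on-line clustering algorithm. It not only overcomes the drawbacks of intrusion detection systems based on supervised learning but also satisfies all the evaluation criteria required of clustering-based intrusion detection systems. By generating clusters incrementally, the proposed algorithm can detect various types of intrusions in real time.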

Cited by

  1. Intruder Detection System Based on Pyroelectric Infrared Sensor vol.26, pp.5, 2016, https://doi.org/10.5391/JKIIS.2016.26.5.361