JSW 2011 Vol.6(12): 2350-2360 ISSN: 1796-217X
doi: 10.4304/jsw.6.12.2350-2360
doi: 10.4304/jsw.6.12.2350-2360
An Efficient Hybrid Clustering-PSO Algorithm for Anomaly Intrusion Detection
Hongying Zheng, Meiju Hou, Yu Wang
College of Computer Science and Engineering, Chongqing University, Chongqing 400044, China
Abstract—Generally speaking, in anomaly intrusion detection, modeling the normal behavior of activities performed by a user or a program is an important issue. Currently most machine-learning algorithms which are widely used to establish user’s normal behaviors need labeled data for training first, so they are computational expensive and sometimes misled by artificial data. This study proposes a PSO-based optimized clustering method IDCPSO for modeling the normal patterns of a user’s activities which combines an unsupervised clustering algorithm with the PSO technique, PSO algorithm is used to optimize the clustering results and obtain the optimal detection result. IDCPSO needs unlabeled data for training and automatically establishes clusters so as to detect intruders by labeling normal and abnormal groups. The famous KDD Cup 1999 dataset is used to evaluate the proposed system. In addition, we compare the performance of PSO optimization process with GA.
Index Terms—PSO, Unsupervised Clustering, Anomaly Intrusion Detection, Optimization
Abstract—Generally speaking, in anomaly intrusion detection, modeling the normal behavior of activities performed by a user or a program is an important issue. Currently most machine-learning algorithms which are widely used to establish user’s normal behaviors need labeled data for training first, so they are computational expensive and sometimes misled by artificial data. This study proposes a PSO-based optimized clustering method IDCPSO for modeling the normal patterns of a user’s activities which combines an unsupervised clustering algorithm with the PSO technique, PSO algorithm is used to optimize the clustering results and obtain the optimal detection result. IDCPSO needs unlabeled data for training and automatically establishes clusters so as to detect intruders by labeling normal and abnormal groups. The famous KDD Cup 1999 dataset is used to evaluate the proposed system. In addition, we compare the performance of PSO optimization process with GA.
Index Terms—PSO, Unsupervised Clustering, Anomaly Intrusion Detection, Optimization
Cite: Hongying Zheng, Meiju Hou, Yu Wang, "An Efficient Hybrid Clustering-PSO Algorithm for Anomaly Intrusion Detection," Journal of Software vol. 6, no. 12, pp. 2350-2360, 2011.
General Information
ISSN: 1796-217X (Online)
Frequency: Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKI, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
-
Mar 01, 2024 News!
Vol 19, No 1 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Nov 02, 2023 News!
Vol 18, No 4 has been published with online version [Click]