A Pre-clustering Method To Improve Anomaly Detection

Denis Hock; Martin Kappes; Bogdan Ghita

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

A Pre-clustering Method To Improve Anomaly Detection

Topics: Intrusion Detection & Prevention; Network Security

In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 0ICETE, 391-396, 2016 , Lisbon, Portugal

Authors: Denis Hock ¹ ; Martin Kappes ¹ and Bogdan Ghita ²

Affiliations: ¹ Frankfurt University of Applied Sciences, Germany ; ² Plymouth University, United Kingdom

Keyword(s): Computer Networks, Network Anomaly Detection, Clustering.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Wireless Network Security

Abstract: While Anomaly Detection is commonly accepted as an appropriate technique to uncover yet unknown network misuse patterns and malware, detection rates are often diminished by, e.g., unpredictable user behavior, new applications and concept changes. In this paper, we propose and evaluate the benefits of using clustering methods for data preprocessing in Anomaly Detection in order to improve detection rates even in the presence of such events. We study our pre-clustering approach for different features such as IP addresses, traffic characteristics and application layer protocols. Our results obtained by analyzing detection rates for real network traffic with actual intrusions indicates that our approach does indeed significantly improve detection rates and, moreover, is practically feasible.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.226.222.132

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Hock, D.; Kappes, M. and Ghita, B. (2016). A Pre-clustering Method To Improve Anomaly Detection. In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (ICETE 2016) - SECRYPT; ISBN 978-989-758-196-0; ISSN 2184-3236, SciTePress, pages 391-396. DOI: 10.5220/0005953003910396

@conference{secrypt16,
author={Denis Hock. and Martin Kappes. and Bogdan Ghita.},
title={A Pre-clustering Method To Improve Anomaly Detection},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (ICETE 2016) - SECRYPT},
year={2016},
pages={391-396},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005953003910396},
isbn={978-989-758-196-0},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (ICETE 2016) - SECRYPT
TI - A Pre-clustering Method To Improve Anomaly Detection
SN - 978-989-758-196-0
IS - 2184-3236
AU - Hock, D.
AU - Kappes, M.
AU - Ghita, B.
PY - 2016
SP - 391
EP - 396
DO - 10.5220/0005953003910396
PB - SciTePress