Clustering for Intrusion Detection: Network Scans as a Case of Study
Fecha de publicación
Springer Science + Business Media
International Joint Conference CISIS’12-ICEUTE´12-SOCO´12 Special Sessions Advances in Intelligent Systems and Computing. Advances in Intelligent Systems and Computing. Volumen 189, pp. 33-45.
MOVICAB-IDS has been previously proposed as a hybrid intelligent Intrusion Detection System (IDS). This on-going research aims to be one step towards adding automatic response to this visualization-based IDS by means of clustering techniques. As a sample case of study for the proposed clustering extension, it has been applied to the identification of different network scans. The aim is checking whether clustering and projection techniques could be compatible and consequently applied to a continuous network flow for intrusion detection. A comprehensive experimental study has been carried out on previously generated real-life data sets. Empirical results suggest that projection and clustering techniques could work in unison to enhance MOVICAB-IDS.
978-3-642-33017-9 (Print) / 978-3-642-33018-6 (Online)
- BISITE. Congresos 
Files in this item