| Download | - View accepted manuscript: VNSOptClust: a Variable Neighborhood Search Based Approach for Unsupervised Anomaly Detection (PDF, 2.4 MiB)
|
|---|
| Author | Search for: Wang, Qian; Search for: Belacel, Nabil |
|---|
| Format | Text, Article |
|---|
| Conference | Second International Conference on Modelling, Computation and Optimization in Information Systems and Management Sciences (MCO 2008), September 8-10, 2008, Metz, France |
|---|
| Subject | unsupervised learning; automatic partitional clustering; variable neighborhood search; unsupervised anomaly detection |
|---|
| Abstract | In this paper, we present a new algorithm, VNSOptClust, for automatic clustering. The VNSOptClust algorithm exploits the basic Variable Neighborhood Search metaheuristic to allow clustering solutions to get out of local optimality with a poor value; it considers the statistic nature of data distribution to find an optimal solution with no dependency on the initial partition; it utilizes a cluster validity index as an objective function to obtain a compact and well-separated clustering result. As an application for unsupervised Anomaly Detection, our experiments show that (i) VNSOptClust has obtained an average detection rate of 71.2% with an acceptably low false positive rate of 0.9%; (ii) VNSOptClust can detect the majority of unknown attacks from each at.tack category, especially, it can detect 84% of the DOS attacks. It appears that VNSOptClust is a promising clustering method in automatically detecting unknown intrusions. |
|---|
| Publication date | 2008 |
|---|
| In | |
|---|
| Language | English |
|---|
| NRC number | NRCC 50406 |
|---|
| NPARC number | 8914445 |
|---|
| Export citation | Export as RIS |
|---|
| Report a correction | Report a correction (opens in a new tab) |
|---|
| Record identifier | cd4f2c5e-f49d-4c89-a0ca-992a0d72edcd |
|---|
| Record created | 2009-04-22 |
|---|
| Record modified | 2020-08-12 |
|---|
