Language selection

Government of Canada / Gouvernement du Canada

Search

VNSOptClust: a variable neighborhood search based approach for unsupervised anomaly detection

From National Research Council Canada

Download
  1. (PDF, 3.3 MiB)
AuthorSearch for: 1; Search for: 1
Affiliation
  1. National Research Council of Canada. NRC Institute for Information Technology
FormatText, Article
ConferenceSecond International Conference on Modelling, Computation and Optimization in Information Systems and Management Sciences (MCO 2008), September 8-10, 2008, Metz, France
Subjectunsupervised learning; automatic partitional clustering; variable neighborhood search; unsupervised anomaly detection
Abstract
In this paper, we present a new algorithm, VNSOptClust, for automatic clustering. The VNSOptClust algorithm exploits the basic Variable Neighborhood Search metaheuristic to allow clustering solutions to get out of local optimality with a poor value; it considers the statistic nature of data distribution to find an optimal solution with no dependency on the initial partition; it utilizes a cluster validity index as an objective function to obtain a compact and well-separated clustering result. As an application for unsupervised Anomaly Detection, our experiments show that (i) VNSOptClust has obtained an average detection rate of 71.2% with an acceptably low false positive rate of 0.9%; (ii) VNSOptClust can detect the majority of unknown attacks from each at.tack category, especially, it can detect 84% of the DOS attacks. It appears that VNSOptClust is a promising clustering method in automatically detecting unknown intrusions.
Publication date
In
  • Second International Conference on Modelling, Computation and Optimization in Information Systems and Management Sciences (MCO 2008) [Proceedings].
LanguageEnglish
NRC numberNRCC 50406
NPARC number8914445
Export citationExport as RIS
Report a correctionReport a correction (opens in a new tab)
Record identifiercd4f2c5e-f49d-4c89-a0ca-992a0d72edcd
Record created2009-04-22
Record modified2024-03-06
Date modified: